JHildebrand at jabber.com
Wed Jun 11 15:20:56 CDT 2003
77: +1, but I'd prefer if there was a JEP-68 FORM_TYPE specified for the
x:data form, with username, password, etc. registered with the Jabber
Registrar. I suppose I'm ok with that happening separately, though.
- There needs to be a digest example
- This phrase is unclear after example 3:
"(note that any non-ASCII characters MUST be properly escaped)." Escaped
how? &x0000;? Shouldn't UTF-8 be good enough?
- When can error 409 happen? There probably needs to be some narrative on
- Under security considerations, there needs to be a reference to the
upgrade attack. If the client speaks plaintext but the server doesn't, a
man-in-the-middle can trick the client into revealing the plaintext
password, so clients SHOULD NOT implement plaintext, in particular.
> -----Original Message-----
> From: Peter Saint-Andre [mailto:stpeter at jabber.org]
> Sent: Thursday, June 05, 2003 9:17 AM
> To: council at jabber.org
> We have several outstanding issues:
> 1. Vote on JEP-0077 (announced June 3, ends June 13, no votes
> so far) 2. Vote on JEP-0078 (announced June 3, ends June 13,
> no votes so far) 3. Motion for last call on JEP-0047 (IBB)?
> 4. Motion for last call on JEP-0068 (Field Standardization)?
> 5. We have a vacancy -- do we want/need to fill it?
> I'm wondering if it would be productive to have a meeting
> sometime soon.
> Peter Saint-Andre
> Jabber Software Foundation
> Council mailing list
> Council at jabber.org
More information about the Council