From jlist9 at gmail.com  Thu Jan  1 20:42:26 2009
From: jlist9 at gmail.com (jlist)
Date: Thu, 1 Jan 2009 18:42:26 -0800
Subject: [jdev] Show values of the Presence Message
Message-ID: <564746040.20090101184226@gmail.com>

Hi,
  
I wasn't able to find the definitions of dnd, chat, away, xa, "", etc.
dnd and away are easy to understand. I'm not sure about chat, xa or
none. Any pointers? Does "chat" mean actively chatting and none mean
available but not chatting? Or, is "chat" the normal status while none
means the user is logged out?

-- 
Thanks,
Jack


From stpeter at stpeter.im  Thu Jan  1 21:02:37 2009
From: stpeter at stpeter.im (Peter Saint-Andre)
Date: Thu, 1 Jan 2009 20:02:37 -0700
Subject: [jdev] Show values of the Presence Message
In-Reply-To: <564746040.20090101184226@gmail.com>
References: <564746040.20090101184226@gmail.com>
Message-ID: <20090102030237.GC25476@stpeter.im>

On Thu, Jan 01, 2009 at 06:42:26PM -0800, jlist wrote:

> I wasn't able to find the definitions of dnd, chat, away, xa, "", etc.

http://xmpp.org/internet-drafts/draft-saintandre-rfc3921bis-07.html#presence-show


From jlist9 at gmail.com  Thu Jan  1 21:33:06 2009
From: jlist9 at gmail.com (jlist)
Date: Thu, 1 Jan 2009 19:33:06 -0800
Subject: [jdev] Show values of the Presence Message
In-Reply-To: <20090102030237.GC25476@stpeter.im>
References: <564746040.20090101184226@gmail.com>
	<20090102030237.GC25476@stpeter.im>
Message-ID: <979943364.20090101193306@gmail.com>

Thanks Peter!

Thursday, January 1, 2009, 7:02:37 PM, you wrote:

> On Thu, Jan 01, 2009 at 06:42:26PM -0800, jlist wrote:

>> I wasn't able to find the definitions of dnd, chat, away, xa, "", etc.

> http://xmpp.org/internet-drafts/draft-saintandre-rfc3921bis-07.html#presence-show



From jlist9 at gmail.com  Thu Jan  1 23:13:17 2009
From: jlist9 at gmail.com (jlist)
Date: Thu, 1 Jan 2009 21:13:17 -0800
Subject: [jdev] Show values of the Presence Message
In-Reply-To: <20090102030237.GC25476@stpeter.im>
References: <564746040.20090101184226@gmail.com>
	<20090102030237.GC25476@stpeter.im>
Message-ID: <382317849.20090101211317@gmail.com>

Speaking of presence messages, is there a way to tell from these
messages (or by any other means) that a buddy has gone off-line?

>> I wasn't able to find the definitions of dnd, chat, away, xa, "", etc.

> http://xmpp.org/internet-drafts/draft-saintandre-rfc3921bis-07.html#presence-show



From richard at indigo3.net  Fri Jan  2 02:21:32 2009
From: richard at indigo3.net (Richard Smith)
Date: Fri, 02 Jan 2009 09:21:32 +0100
Subject: [jdev] scaling a component
In-Reply-To: <4946B50F.4060806@buddycloud.com>
References: <4946B50F.4060806@buddycloud.com>
Message-ID: <495DCE8C.4050909@indigo3.net>

Simon Tennant wrote:
> Any tips or pointers would be most useful.  (I'll push the queries about
> load balancing components between servers to the ejabberd mailing list.)

If you happen to be running ejabberd as your core xmpp server, then just 
initiate multiple connections per comonent domain.

ejabberd is quite clever at scaling.

-- 
Richard





From machekku at uaznia.net  Fri Jan  2 02:30:56 2009
From: machekku at uaznia.net (Maciek Niedzielski)
Date: Fri, 02 Jan 2009 09:30:56 +0100
Subject: [jdev] Show values of the Presence Message
In-Reply-To: <382317849.20090101211317@gmail.com>
References: <564746040.20090101184226@gmail.com>	<20090102030237.GC25476@stpeter.im>
	<382317849.20090101211317@gmail.com>
Message-ID: <495DD0C0.3080409@uaznia.net>

jlist wrote:
> Speaking of presence messages, is there a way to tell from these
> messages (or by any other means) that a buddy has gone off-line?

http://xmpp.org/internet-drafts/draft-saintandre-rfc3921bis-07.html#rfc.section.4.7.1

Basically, you send <presence type='unavailable'/>

-- 
Maciek
  xmpp:machekku at uaznia.net

From jlist9 at gmail.com  Fri Jan  2 15:49:01 2009
From: jlist9 at gmail.com (jlist9 at gmail.com)
Date: Fri, 2 Jan 2009 13:49:01 -0800
Subject: [jdev] Show values of the Presence Message -> logout
In-Reply-To: <495DD0C0.3080409@uaznia.net>
References: <564746040.20090101184226@gmail.com>
	<20090102030237.GC25476@stpeter.im>
	<382317849.20090101211317@gmail.com> <495DD0C0.3080409@uaznia.net>
Message-ID: <1729456589.20090102134901@gmail.com>

Hello Maciek,

Thanks for your reply. I've added that but it doesn't seem to
solve my problem. What I'm trying to do is to log in with the
same user twice but bind to different resources. And I'd like
any of the two instances notified when the other instance logs out.

Do I need to explicitly subscribe to the other instances's presence
stanzas?

Jack

>> Speaking of presence messages, is there a way to tell from these
>> messages (or by any other means) that a buddy has gone off-line?

> http://xmpp.org/internet-drafts/draft-saintandre-rfc3921bis-07.html#rfc.section.4.7.1

> Basically, you send <presence type='unavailable'/>



From lambda512 at gmail.com  Fri Jan  2 16:32:03 2009
From: lambda512 at gmail.com (naw)
Date: Fri, 2 Jan 2009 23:32:03 +0100
Subject: [jdev] Show values of the Presence Message -> logout
In-Reply-To: <1729456589.20090102134901@gmail.com>
References: <564746040.20090101184226@gmail.com> <495DD0C0.3080409@uaznia.net>
	<1729456589.20090102134901@gmail.com>
Message-ID: <200901022332.03903.lambda512@gmail.com>

El Viernes 02 Enero 2009, jlist9 at gmail.com escribi?:
> Hello Maciek,
>
> Thanks for your reply. I've added that but it doesn't seem to
> solve my problem. What I'm trying to do is to log in with the
> same user twice but bind to different resources. And I'd like
> any of the two instances notified when the other instance logs out.
>
> Do I need to explicitly subscribe to the other instances's presence
> stanzas?
>
> Jack
>
> >> Speaking of presence messages, is there a way to tell from these
> >> messages (or by any other means) that a buddy has gone off-line?
> >
> > http://xmpp.org/internet-drafts/draft-saintandre-rfc3921bis-07.html#rfc.s
> >ection.4.7.1
> >
> > Basically, you send <presence type='unavailable'/>
>

When I'm on "Home" and "Psi" and I disconnect from "Home" I get:
<presence from="xxxx at jabberes.org/Home" type="unavailable" 
to="xxxx at jabberes.org/Psi" /> 

I don't remember to be subscribed explicitly to myself.

From jlist9 at gmail.com  Fri Jan  2 19:26:11 2009
From: jlist9 at gmail.com (jlist9 at gmail.com)
Date: Fri, 2 Jan 2009 17:26:11 -0800
Subject: [jdev] Show values of the Presence Message -> logout
In-Reply-To: <200901022332.03903.lambda512@gmail.com>
References: <564746040.20090101184226@gmail.com> <495DD0C0.3080409@uaznia.net>
	<1729456589.20090102134901@gmail.com>
	<200901022332.03903.lambda512@gmail.com>
Message-ID: <551372200.20090102172611@gmail.com>


>> Thanks for your reply. I've added that but it doesn't seem to
>> solve my problem. What I'm trying to do is to log in with the
>> same user twice but bind to different resources. And I'd like
>> any of the two instances notified when the other instance logs out.
>>
>> Do I need to explicitly subscribe to the other instances's presence
>> stanzas?
>>

> When I'm on "Home" and "Psi" and I disconnect from "Home" I get:
> <presence from="xxxx at jabberes.org/Home" type="unavailable" 
> to="xxxx at jabberes.org/Psi" /> 

> I don't remember to be subscribed explicitly to myself.

Hmm. Maybe the servers don't behave the same way. I was experimenting
with gtalk...


From lambda512 at gmail.com  Sat Jan  3 06:38:33 2009
From: lambda512 at gmail.com (naw)
Date: Sat, 3 Jan 2009 13:38:33 +0100
Subject: [jdev] Show values of the Presence Message -> logout
In-Reply-To: <551372200.20090102172611@gmail.com>
References: <564746040.20090101184226@gmail.com>
	<200901022332.03903.lambda512@gmail.com>
	<551372200.20090102172611@gmail.com>
Message-ID: <200901031338.35340.lambda512@gmail.com>

El S?bado 03 Enero 2009, jlist9 at gmail.com escribi?:
> >> Thanks for your reply. I've added that but it doesn't seem to
> >> solve my problem. What I'm trying to do is to log in with the
> >> same user twice but bind to different resources. And I'd like
> >> any of the two instances notified when the other instance logs out.
> >>
> >> Do I need to explicitly subscribe to the other instances's presence
> >> stanzas?
> >
> > When I'm on "Home" and "Psi" and I disconnect from "Home" I get:
> > <presence from="xxxx at jabberes.org/Home" type="unavailable"
> > to="xxxx at jabberes.org/Psi" />
> >
> > I don't remember to be subscribed explicitly to myself.
>
> Hmm. Maybe the servers don't behave the same way. I was experimenting
> with gtalk...

gtalk behaves in the same way
<presence from="xxxx at gmail.com/HomeCF82D0B9" type="unavailable" 
to="xxxx at gmail.com" />

Did you get the roster (buddy list) from the server? If not, I think that you 
won't receive presence updates.

-- 

Jabber-ID: lambda512 at jabberes.org lambda512 at gmail.com

From tomek at xiaoka.com  Sat Jan  3 07:38:07 2009
From: tomek at xiaoka.com (Tomasz Sterna)
Date: Sat, 03 Jan 2009 14:38:07 +0100
Subject: [jdev] Show values of the Presence Message -> logout
In-Reply-To: <200901022332.03903.lambda512@gmail.com>
References: <564746040.20090101184226@gmail.com>
	<495DD0C0.3080409@uaznia.net> <1729456589.20090102134901@gmail.com>
	<200901022332.03903.lambda512@gmail.com>
Message-ID: <1230989887.5199.9.camel@wing>

Dnia 2009-01-02, pi? o godzinie 23:32 +0100, naw pisze:
> When I'm on "Home" and "Psi" and I disconnect from "Home" I get:
> <presence from="xxxx at jabberes.org/Home" type="unavailable" 
> to="xxxx at jabberes.org/Psi" /> 
> 
> I don't remember to be subscribed explicitly to myself.

Why don't you just make the effort and read XMPP-IM RFC?

http://xmpp.org/internet-drafts/draft-saintandre-rfc3921bis-07.html#presence-broadcast-outbound
"The user's server MUST also send the presence stanza to all of the
user's available resources (including the resource that generated the
presence notification in the first place)."

-- 



From stpeter at stpeter.im  Tue Jan  6 15:33:17 2009
From: stpeter at stpeter.im (Peter Saint-Andre)
Date: Tue, 06 Jan 2009 14:33:17 -0700
Subject: [jdev] FOSDEM update
Message-ID: <4963CE1D.2000200@stpeter.im>

In its weekly meeting just now, the XSF Board of Directors decided on
the following schedule for the FOSDEM weekend (to discuss further,
please join the summit at xmpp.org list, which you can do via the web at
<http://mail.jabber.org/mailman/listinfo/summit>)....

***

Friday, February 6

A Jingle hackfest for developers who wish to code and test their
implemenations of Jingle, primarily at this point for voice and video.

Saturday, February 7

Public talks and tutorials for larger audiences at FOSDEM (we have a
"devroom" from noon to 6 PM); if you are interested in presenting a talk
or tutorial, please contact Peter Saint-Andre.

Sunday, February 8

Developers are free to attend the second day of the FOSDEM conference.
We'll need help manning the booth and attending talks to spread the word
about XMPP. Also expect many interesting "hallway" discussions and
continued hacking in the background.

Monday, February 9

The "summit" itself: Intensive discussions among core XMPP developers to
solve pressing problems in the XMPP "protocol stack"; the main topics
will probably be mobile optimizations, file transfer, and end-to-end
encryption as recently prioritized by the XMPP Council.

***

See you in Brussels!

/psa

From jlist9 at gmail.com  Thu Jan  8 15:30:00 2009
From: jlist9 at gmail.com (jlist9 at gmail.com)
Date: Thu, 8 Jan 2009 13:30:00 -0800
Subject: [jdev] Smack API and jabber.org
Message-ID: <728707467.20090108133000@gmail.com>

Hello all,

Has anyone tried using jivesoftware's Smack API to access
jabber.org? I tried some sample code on their forum but I was
getting an error. The same code (with the slight difference of
using a full email address) works fine for talk.google.com.

Or, has anyone tried any java XMPP library with success?


The error:

SASL authentication failed using mechanism PLAIN:
        at org.jivesoftware.smack.SASLAuthentication.authenticate(SASLAuthentication.java:325)
        at org.jivesoftware.smack.XMPPConnection.login(XMPPConnection.java:395)
        at com.gn.xmpp.XmppTest.main(XmppTest.java:40)

The sample code:

ConnectionConfiguration cc = new ConnectionConfiguration("jabber.org", 5222, "jabber.org");
XMPPConnection connection = new XMPPConnection(cc);
try {
     connection.connect();
     SASLAuthentication.supportSASLMechanism("PLAIN", 0);
     connection.login("your.jabber", "password", "resource");
     System.out.println(connection.isAuthenticated());
} catch (XMPPException e1) {
     e1.printStackTrace();
}

-- 
Best regards,
Jack


From mwild1 at gmail.com  Thu Jan  8 19:34:25 2009
From: mwild1 at gmail.com (Matthew Wild)
Date: Fri, 9 Jan 2009 01:34:25 +0000
Subject: [jdev] Smack API and jabber.org
In-Reply-To: <728707467.20090108133000@gmail.com>
References: <728707467.20090108133000@gmail.com>
Message-ID: <4db9cacb0901081734n4a520feeo9d85d4b7ed831739@mail.gmail.com>

On Thu, Jan 8, 2009 at 9:30 PM,  <jlist9 at gmail.com> wrote:
>     connection.login("your.jabber", "password", "resource");

Just a shot in the dark since I don't know smack, but have you tried
putting the full bare JID here, instead of just the username?

Failing that, capture the XML being sent to the server and verify that
the base64'd login credentials are correct.

Matthew.

From sumedha.r at gmail.com  Thu Jan  8 20:42:27 2009
From: sumedha.r at gmail.com (sumedha rubasinghe)
Date: Fri, 9 Jan 2009 08:12:27 +0530
Subject: [jdev] Smack API and jabber.org
In-Reply-To: <728707467.20090108133000@gmail.com>
References: <728707467.20090108133000@gmail.com>
Message-ID: <358531180901081842w118e8f6j81118360d6f51e4@mail.gmail.com>

Hi,
I have following code block & it works.
/sumedha

xmppConnection = new XMPPConnection(serverCredentials.getServerUrl());
try {
	xmppConnection.connect();
} catch (XMPPException e) {
      log.error("Failed to connect to server
:"+serverCredentials.getServerUrl(), e);
}
//Pause for a small time before trying to login.
//This prevents random ssl exception from Smack API
try {
	Thread.sleep(100);
} catch (InterruptedException e5) {
	log.debug("Sleep interrupted ",e5);
}

if(xmppConnection.isConnected()){
	if(! xmppConnection.isAuthenticated()){
	try {
		xmppConnection.login(serverCredentials.getAccountName()+"@"+
					serverCredentials.getServerUrl(),
					serverCredentials.getPassword(),
					serverCredentials.getResource(),
					true);
	} catch (XMPPException e) {
		try {
			log.error("Login failed for "
					+serverCredentials.getAccountName()
					+"@"+serverCredentials.getServerUrl()
					+".Retrying in 2 secs",e);
			Thread.sleep(2000);
			xmppConnection.login(serverCredentials.getAccountName()+"@"+
					serverCredentials.getServerUrl(),
    				        serverCredentials.getPassword(),
					serverCredentials.getResource(),
					true);
			} catch (InterruptedException e1) {
				log.error("Sleep interrupted.",e1);
			} catch (XMPPException e2) {
				log.error("Login failed for : "+serverCredentials.getAccountName()
						+"@"+serverCredentials.getServerUrl(),e2);
				throw new AxisFault("Login failed for : "+serverCredentials.getAccountName()
						+"@"+serverCredentials.getServerUrl());
			}
		}
	        //Listen for Message type packets from specified server url
		//packetFilter = new AndFilter(new PacketTypeFilter(Message.class),
		//		new FromContainsFilter(serverCredentials.getServerUrl()));
		packetFilter = new FromContainsFilter(serverCredentials.getServerUrl());					
	}
}					





On Fri, Jan 9, 2009 at 3:00 AM,  <jlist9 at gmail.com> wrote:
> Hello all,
>
> Has anyone tried using jivesoftware's Smack API to access
> jabber.org? I tried some sample code on their forum but I was
> getting an error. The same code (with the slight difference of
> using a full email address) works fine for talk.google.com.
>
> Or, has anyone tried any java XMPP library with success?
>
>
> The error:
>
> SASL authentication failed using mechanism PLAIN:
>        at org.jivesoftware.smack.SASLAuthentication.authenticate(SASLAuthentication.java:325)
>        at org.jivesoftware.smack.XMPPConnection.login(XMPPConnection.java:395)
>        at com.gn.xmpp.XmppTest.main(XmppTest.java:40)
>
> The sample code:
>
> ConnectionConfiguration cc = new ConnectionConfiguration("jabber.org", 5222, "jabber.org");
> XMPPConnection connection = new XMPPConnection(cc);
> try {
>     connection.connect();
>     SASLAuthentication.supportSASLMechanism("PLAIN", 0);
>     connection.login("your.jabber", "password", "resource");
>     System.out.println(connection.isAuthenticated());
> } catch (XMPPException e1) {
>     e1.printStackTrace();
> }
>
> --
> Best regards,
> Jack
>
> _______________________________________________
> JDev mailing list
> FAQ: http://www.jabber.org/discussion-lists/jdev-faq
> Forum: http://www.jabberforum.org/forumdisplay.php?f=20
> Info: http://mail.jabber.org/mailman/listinfo/jdev
> Unsubscribe: JDev-unsubscribe at jabber.org
> _______________________________________________
>

From jlist9 at gmail.com  Thu Jan  8 22:38:59 2009
From: jlist9 at gmail.com (jlist9 at gmail.com)
Date: Thu, 8 Jan 2009 20:38:59 -0800
Subject: [jdev] Smack API and jabber.org
In-Reply-To: <358531180901081842w118e8f6j81118360d6f51e4@mail.gmail.com>
References: <728707467.20090108133000@gmail.com>
	<358531180901081842w118e8f6j81118360d6f51e4@mail.gmail.com>
Message-ID: <102526468.20090108203859@gmail.com>

Thanks sumedha. It looks like you are not using the latest version
of Smack (3.1.0 beta), since the XMPPConnection class of this version
doesn't have a login(String, String, String, boolean) function.
It's login(String, String, String) instead.

But if it works, I wonder if it's possible for me to get the jar files
from you? I'd like to give that version a try.

Thursday, January 8, 2009, 6:42:27 PM, you wrote:

> Hi,
> I have following code block & it works.
> /sumedha

> xmppConnection = new
> XMPPConnection(serverCredentials.getServerUrl());
> try {
> 	xmppConnection.connect();
> } catch (XMPPException e) {
>       log.error("Failed to connect to server
> :"+serverCredentials.getServerUrl(), e);
> }
> //Pause for a small time before trying to login.
> //This prevents random ssl exception from Smack API
> try {
> 	Thread.sleep(100);
> } catch (InterruptedException e5) {
> 	log.debug("Sleep interrupted ",e5);
> }

> if(xmppConnection.isConnected()){
> 	if(! xmppConnection.isAuthenticated()){
> 	try {
> 		xmppConnection.login(serverCredentials.getAccountName()+"@"+
> 					serverCredentials.getServerUrl(),
> 					serverCredentials.getPassword(),
> 					serverCredentials.getResource(),
> 					true);
> 	} catch (XMPPException e) {
> 		try {
> 			log.error("Login failed for "
> 					+serverCredentials.getAccountName()
> 					+"@"+serverCredentials.getServerUrl()
> 					+".Retrying in 2 secs",e);
> 			Thread.sleep(2000);
> 			xmppConnection.login(serverCredentials.getAccountName()+"@"+
> 					serverCredentials.getServerUrl(),
>     				        serverCredentials.getPassword(),
> 					serverCredentials.getResource(),
> 					true);
> 			} catch (InterruptedException e1) {
> 				log.error("Sleep interrupted.",e1);
> 			} catch (XMPPException e2) {
> 				log.error("Login failed for :
> "+serverCredentials.getAccountName()
> 						+"@"+serverCredentials.getServerUrl(),e2);
> 				throw new AxisFault("Login failed for :
> "+serverCredentials.getAccountName()
> 						+"@"+serverCredentials.getServerUrl());
> 			}
> 		}
> 	        //Listen for Message type packets from specified server url
> 		//packetFilter = new AndFilter(new PacketTypeFilter(Message.class),
> 		//		new FromContainsFilter(serverCredentials.getServerUrl()));
> 		packetFilter = new
> FromContainsFilter(serverCredentials.getServerUrl());					
> 	}
> }					





> On Fri, Jan 9, 2009 at 3:00 AM,  <jlist9 at gmail.com> wrote:
>> Hello all,
>>
>> Has anyone tried using jivesoftware's Smack API to access
>> jabber.org? I tried some sample code on their forum but I was
>> getting an error. The same code (with the slight difference of
>> using a full email address) works fine for talk.google.com.
>>
>> Or, has anyone tried any java XMPP library with success?
>>
>>
>> The error:
>>
>> SASL authentication failed using mechanism PLAIN:
>>        at
>> org.jivesoftware.smack.SASLAuthentication.authenticate(SASLAuthentication.java:325)
>>        at
>> org.jivesoftware.smack.XMPPConnection.login(XMPPConnection.java:395)
>>        at com.gn.xmpp.XmppTest.main(XmppTest.java:40)
>>
>> The sample code:
>>
>> ConnectionConfiguration cc = new
>> ConnectionConfiguration("jabber.org", 5222, "jabber.org");
>> XMPPConnection connection = new XMPPConnection(cc);
>> try {
>>     connection.connect();
>>     SASLAuthentication.supportSASLMechanism("PLAIN", 0);
>>     connection.login("your.jabber", "password", "resource");
>>     System.out.println(connection.isAuthenticated());
>> } catch (XMPPException e1) {
>>     e1.printStackTrace();
>> }



From sumedha.r at gmail.com  Thu Jan  8 23:37:52 2009
From: sumedha.r at gmail.com (sumedha rubasinghe)
Date: Fri, 9 Jan 2009 11:07:52 +0530
Subject: [jdev] Smack API and jabber.org
In-Reply-To: <1979015996.20090108212208@gmail.com>
References: <728707467.20090108133000@gmail.com>
	<358531180901081842w118e8f6j81118360d6f51e4@mail.gmail.com>
	<102526468.20090108203859@gmail.com>
	<358531180901082117g3a1b7680k79e0f41b4e7cd186@mail.gmail.com>
	<1979015996.20090108212208@gmail.com>
Message-ID: <358531180901082137q6234cf51i838f452f396edf9@mail.gmail.com>

Hi,
You can download it from here[1].
wonder why old distributions are not available... Even I could not
find it on their site. :-)

/sumedha
http://sumedha.blogspot.com

[1] http://ws.zones.apache.org/repository2/org/igniterealtime/



On Fri, Jan 9, 2009 at 10:52 AM,  <jlist9 at gmail.com> wrote:
> Would it be possible for you to email me the two jar files?
> Their site doesn't seem to provide downloads for earlier versions :(
> I'd appreciate it.
>
>> Your correct, I am using Smack 3.0.4. (Downloadable from smack site)
>
>> /sumedha
>
>
>> On Fri, Jan 9, 2009 at 10:08 AM,  <jlist9 at gmail.com> wrote:
>>> Thanks sumedha. It looks like you are not using the latest version
>>> of Smack (3.1.0 beta), since the XMPPConnection class of this version
>>> doesn't have a login(String, String, String, boolean) function.
>>> It's login(String, String, String) instead.
>>>
>>> But if it works, I wonder if it's possible for me to get the jar files
>>> from you? I'd like to give that version a try.
>
>
>

From jlist9 at gmail.com  Fri Jan  9 00:33:52 2009
From: jlist9 at gmail.com (jlist9 at gmail.com)
Date: Thu, 8 Jan 2009 22:33:52 -0800
Subject: [jdev] Smack API and jabber.org
In-Reply-To: <358531180901082137q6234cf51i838f452f396edf9@mail.gmail.com>
References: <728707467.20090108133000@gmail.com>
	<358531180901081842w118e8f6j81118360d6f51e4@mail.gmail.com>
	<102526468.20090108203859@gmail.com>
	<358531180901082117g3a1b7680k79e0f41b4e7cd186@mail.gmail.com>
	<1979015996.20090108212208@gmail.com>
	<358531180901082137q6234cf51i838f452f396edf9@mail.gmail.com>
Message-ID: <491441170.20090108223352@gmail.com>

Thanks sumedha!

> You can download it from here[1].
> wonder why old distributions are not available... Even I could not
> find it on their site. :-)

> /sumedha
> http://sumedha.blogspot.com

> [1] http://ws.zones.apache.org/repository2/org/igniterealtime/



From Jehan.3lqu8n at no-mx.jabberforum.org  Fri Jan  9 05:27:31 2009
From: Jehan.3lqu8n at no-mx.jabberforum.org (Jehan)
Date: Fri, 9 Jan 2009 12:27:31 +0100
Subject: [jdev] out of scope: Quakelive would use XMPP
Message-ID: <Jehan.3lqu8n@no-mx.jabberforum.org>


Hi all,

I don't know exactly where to post this info, so sorry because it is a
little out of scope in jdev. But I am forwarding a message read from a
Linux community french website:
https://linuxfr.org/~Skateinmars/27735.html

Apparently the QuakeLive game ( http://www.quakelive.com/noflash.html )
would use XMPP as the guy reported that during a game launch, he can
read "Waiting on XMPP Authentication". Then he could find this email
from an idsoftware dev which seems to corroborate the XMPP hypothesis:
https://mailman.ik.nu/pipermail/twisted-jabber/2008-May/000149.html

Now even games from big companies are using XMPP! Nice, isn't it?

Jehan


-- 
Jehan
------------------------------------------------------------------------
Jehan's Profile: http://www.jabberforum.org/member.php?userid=16911
View this thread: http://www.jabberforum.org/showthread.php?t=1310


From gnauck at ag-software.de  Fri Jan  9 13:15:18 2009
From: gnauck at ag-software.de (Alexander Gnauck)
Date: Fri, 09 Jan 2009 20:15:18 +0100
Subject: [jdev] XSF membership application period Q1/2009
Message-ID: <4967A246.9060603@ag-software.de>

The XMPP Standards Foundation (XSF) is currently holding its quarterly 
membership application period:
http://wiki.xmpp.org/web/Membership_Applications_January_2009

Applications are encouraged from developers and others who are actively 
involved in the Jabber/XMPP community. To apply, create a page about 
yourself on the wiki.

If you don't have a wiki account, send your name, preferred nickname and 
email address to me or one of the other Sysops:
http://wiki.xmpp.org/index.php/Sysops

The application period ends on 26th January 2009 23:59h UTC, so apply today!

Thanks,
Alex

From kamanashisroy at gmail.com  Sat Jan 10 11:25:45 2009
From: kamanashisroy at gmail.com (Kamanashis Roy Shuva)
Date: Sat, 10 Jan 2009 23:25:45 +0600
Subject: [jdev] XSF membership application period Q1/2009
In-Reply-To: <4967A246.9060603@ag-software.de>
References: <4967A246.9060603@ag-software.de>
Message-ID: <ce35fdf10901100925q113c0ac8i568c8ca10ca86ff1@mail.gmail.com>

Hi,

  I am Kamanashis Roy, my nick name is Shuva .. I wish to be a member of
this wiki.

  I wish to talk about the best data exchange, document exchange and
rendering techniques available here, for example,
http://xmpp.org/extensions/xep-0004.html,
http://xmpp.org/extensions/xep-0071.html and some upcoming portocols if
available. Surely I need some discussion and help about that. And I like to
implement those things in MiniIM.

-- 
-- Sharp blade clean shield

Kamanashis Roy
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://mail.jabber.org/pipermail/jdev/attachments/20090110/7c3f6b79/attachment.htm 

From mwild1 at gmail.com  Sat Jan 10 11:55:09 2009
From: mwild1 at gmail.com (Matthew Wild)
Date: Sat, 10 Jan 2009 17:55:09 +0000
Subject: [jdev] XSF membership application period Q1/2009
In-Reply-To: <ce35fdf10901100925q113c0ac8i568c8ca10ca86ff1@mail.gmail.com>
References: <4967A246.9060603@ag-software.de>
	<ce35fdf10901100925q113c0ac8i568c8ca10ca86ff1@mail.gmail.com>
Message-ID: <4db9cacb0901100955t2b5d2a4dp12ef3b8d215c05f9@mail.gmail.com>

On Sat, Jan 10, 2009 at 5:25 PM, Kamanashis Roy Shuva
<kamanashisroy at gmail.com> wrote:
> Hi,
>
>   I am Kamanashis Roy, my nick name is Shuva .. I wish to be a member of
> this wiki.
>

You should have just received an email with your account details, let
me know if there are any problems :)

Matthew.

From kamanashisroy at gmail.com  Sun Jan 11 11:14:22 2009
From: kamanashisroy at gmail.com (Kamanashis Roy Shuva)
Date: Sun, 11 Jan 2009 23:14:22 +0600
Subject: [jdev] XSF membership application period Q1/2009
In-Reply-To: <4db9cacb0901100955t2b5d2a4dp12ef3b8d215c05f9@mail.gmail.com>
References: <4967A246.9060603@ag-software.de>
	<ce35fdf10901100925q113c0ac8i568c8ca10ca86ff1@mail.gmail.com>
	<4db9cacb0901100955t2b5d2a4dp12ef3b8d215c05f9@mail.gmail.com>
Message-ID: <ce35fdf10901110914r407a242o4f771f22a69f7637@mail.gmail.com>

Hi,

  Thanks for your reply. I already have an account as
kamanashisroy at jabber.org . I am little confused with that. Should I use the
same account ? or is it possible to use the same ? If it is, then I like to
use that.

-- 
-- Sharp blade clean shield

Kamanashis Roy
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://mail.jabber.org/pipermail/jdev/attachments/20090111/ea0e8e7c/attachment.htm 

From mwild1 at gmail.com  Sun Jan 11 11:50:14 2009
From: mwild1 at gmail.com (Matthew Wild)
Date: Sun, 11 Jan 2009 17:50:14 +0000
Subject: [jdev] XSF membership application period Q1/2009
In-Reply-To: <ce35fdf10901110914r407a242o4f771f22a69f7637@mail.gmail.com>
References: <4967A246.9060603@ag-software.de>
	<ce35fdf10901100925q113c0ac8i568c8ca10ca86ff1@mail.gmail.com>
	<4db9cacb0901100955t2b5d2a4dp12ef3b8d215c05f9@mail.gmail.com>
	<ce35fdf10901110914r407a242o4f771f22a69f7637@mail.gmail.com>
Message-ID: <4db9cacb0901110950n62200c70x7235d369eb732ab@mail.gmail.com>

On Sun, Jan 11, 2009 at 5:14 PM, Kamanashis Roy Shuva
<kamanashisroy at gmail.com> wrote:
> Hi,
>
>   Thanks for your reply. I already have an account as
> kamanashisroy at jabber.org . I am little confused with that. Should I use the
> same account ? or is it possible to use the same ? If it is, then I like to
> use that.
>

If you are asking whether our wiki authentication can use XMPP
accounts I'm afraid that the answer is no. Wiki accounts are separate.

Matthew.

From stpeter at stpeter.im  Mon Jan 12 13:15:50 2009
From: stpeter at stpeter.im (Peter Saint-Andre)
Date: Mon, 12 Jan 2009 12:15:50 -0700
Subject: [jdev] Pidgin survey results
Message-ID: <496B96E6.9010601@stpeter.im>

Some interesting numbers here:

http://pidgin.im/survey/results/survey0summary.html

In particular, "Which of the following protocol types do you use?"
yields the following numbers:

MSN 	67%
Google	51%
ICQ 	44%
XMPP 	39%
Yahoo 	32%
AIM 	28%
IRC 	23%

Everything else is in the single digits.

/psa

From nathanfritz at gmail.com  Mon Jan 12 14:34:25 2009
From: nathanfritz at gmail.com (Nathan Fritz)
Date: Mon, 12 Jan 2009 12:34:25 -0800
Subject: [jdev] Pidgin survey results
In-Reply-To: <496B96E6.9010601@stpeter.im>
References: <496B96E6.9010601@stpeter.im>
Message-ID: <182eea400901121234i638cd234k431c536326033029@mail.gmail.com>

Too bad that Google and XMPP aren't combined.  They could have 90% people
using XMPP and not know it.  However, it's more likely that there's some
overlap there, and it's more like 70%.  It's hard to say.

On Mon, Jan 12, 2009 at 11:15 AM, Peter Saint-Andre <stpeter at stpeter.im>wrote:

> Some interesting numbers here:
>
> http://pidgin.im/survey/results/survey0summary.html
>
> In particular, "Which of the following protocol types do you use?"
> yields the following numbers:
>
> MSN     67%
> Google  51%
> ICQ     44%
> XMPP    39%
> Yahoo   32%
> AIM     28%
> IRC     23%
>
> Everything else is in the single digits.
>
> /psa
> _______________________________________________
> JDev mailing list
> FAQ: http://www.jabber.org/discussion-lists/jdev-faq
> Forum: http://www.jabberforum.org/forumdisplay.php?f=20
> Info: http://mail.jabber.org/mailman/listinfo/jdev
> Unsubscribe: JDev-unsubscribe at jabber.org
> _______________________________________________
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://mail.jabber.org/pipermail/jdev/attachments/20090112/470f409b/attachment.htm 

From justin-keyword-jabber.093179 at affinix.com  Mon Jan 12 18:47:49 2009
From: justin-keyword-jabber.093179 at affinix.com (Justin Karneges)
Date: Mon, 12 Jan 2009 16:47:49 -0800
Subject: [jdev] Pidgin survey results
In-Reply-To: <496B96E6.9010601@stpeter.im>
References: <496B96E6.9010601@stpeter.im>
Message-ID: <200901121647.49734.justin-keyword-jabber.093179@affinix.com>

On Monday 12 January 2009 11:15:50 Peter Saint-Andre wrote:
> Some interesting numbers here:
>
> http://pidgin.im/survey/results/survey0summary.html
>
> In particular, "Which of the following protocol types do you use?"
> yields the following numbers:
>
> MSN 	67%
> Google	51%
> ICQ 	44%
> XMPP 	39%
> Yahoo 	32%
> AIM 	28%
> IRC 	23%

In the survey, Linux was the most-used platform, and ICQ is ahead of both AIM 
and Yahoo.  So, there's clearly some geeky/regional bias.

However, it's good to know that among these types of users, XMPP ranks highly.

-Justin

From spike411.3lxvxz at no-mx.jabberforum.org  Tue Jan 13 00:48:01 2009
From: spike411.3lxvxz at no-mx.jabberforum.org (spike411)
Date: Tue, 13 Jan 2009 07:48:01 +0100
Subject: [jdev] Pidgin survey results
References: <496B96E6.9010601@stpeter.im>
Message-ID: <spike411.3lxvxz@no-mx.jabberforum.org>


You might also be interested in Adium results (from Sparkle
auto-update):

http://www.adiumx.com/sparkle/


-- 
spike411
------------------------------------------------------------------------
spike411's Profile: http://www.jabberforum.org/member.php?userid=17075
View this thread: http://www.jabberforum.org/showthread.php?t=1319


From gmsk19 at gmail.com  Tue Jan 13 01:27:52 2009
From: gmsk19 at gmail.com (shashi kiran)
Date: Tue, 13 Jan 2009 12:57:52 +0530
Subject: [jdev] Pidgin survey results
In-Reply-To: <spike411.3lxvxz@no-mx.jabberforum.org>
References: <496B96E6.9010601@stpeter.im>
	<spike411.3lxvxz@no-mx.jabberforum.org>
Message-ID: <84a4eed70901122327y7f05b6day4fef93f4862f41cc@mail.gmail.com>

I Agree with Nathan about combining XMPP and GoogleTalk Numbers. Yahoo is on
its way down.  Don't be surprised the if MSN usage goes down in next year's
poll not that it is bad protocol but the its just that XMPP is far more
convenient.

On Tue, Jan 13, 2009 at 12:18 PM, spike411 <
spike411.3lxvxz at no-mx.jabberforum.org> wrote:

>
> You might also be interested in Adium results (from Sparkle
> auto-update):
>
> http://www.adiumx.com/sparkle/
>
>
> --
> spike411
> ------------------------------------------------------------------------
> spike411's Profile: http://www.jabberforum.org/member.php?userid=17075
> View this thread: http://www.jabberforum.org/showthread.php?t=1319
>
> _______________________________________________
> JDev mailing list
> FAQ: http://www.jabber.org/discussion-lists/jdev-faq
> Forum: http://www.jabberforum.org/forumdisplay.php?f=20
> Info: http://mail.jabber.org/mailman/listinfo/jdev
> Unsubscribe: JDev-unsubscribe at jabber.org
> _______________________________________________
>



-- 
Regards
Shashi Kiran G M
Software Engineer
Geodesic Information Systems Pvt Ltd
(http://messenger.mundu.com)
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://mail.jabber.org/pipermail/jdev/attachments/20090113/090201a3/attachment.htm 

From remko at el-tramo.be  Tue Jan 13 01:54:52 2009
From: remko at el-tramo.be (=?UTF-8?Q?Remko_Tron=C3=A7on?=)
Date: Tue, 13 Jan 2009 08:54:52 +0100
Subject: [jdev] Pidgin survey results
In-Reply-To: <200901121647.49734.justin-keyword-jabber.093179@affinix.com>
References: <496B96E6.9010601@stpeter.im>
	<200901121647.49734.justin-keyword-jabber.093179@affinix.com>
Message-ID: <133fd4c60901122354l3d7bfb17mfad19e0b27040b20@mail.gmail.com>

> In the survey, Linux was the most-used platform, and ICQ is ahead of both AIM
> and Yahoo.  So, there's clearly some geeky/regional bias.

Exactly. Since Pidgin is mostly a Linux client, it attracts certain
crowds (although it might be shifting a little bit with Ubuntu).

The Adium results on the other hand are a lot more significant i
think. Most Mac users I know use Adium for their IM needs (so it's not
just a geek thing), and Mac users cover a big spectrum of users. And
the results indeed look more like expected: MSN and AIM way up there.
Google Talk is still quite high though, so that's cool.

cheers,
Remko

From richard at indigo3.net  Wed Jan 14 03:20:11 2009
From: richard at indigo3.net (Richard Smith)
Date: Wed, 14 Jan 2009 10:20:11 +0100
Subject: [jdev] Mixing Attribute Namespaces
Message-ID: <496DAE4B.5030807@indigo3.net>

Hello,

I've been having a think over the past few days and have been wondering if
applying namespaces on an attribute level is valid within XMPP, and if there
are any guidelines as to attribute specifications used.

What I'm pondering is while the following is valid XML, is it valid under XMPP?

<message
 to="..."
 from="..."
 xmlns:magicNS="urn:blah:etc"
 magicNS:attr1="..." >...


From m at tthias.eu  Wed Jan 14 03:27:45 2009
From: m at tthias.eu (Matthias Wimmer)
Date: Wed, 14 Jan 2009 10:27:45 +0100
Subject: [jdev] Mixing Attribute Namespaces
In-Reply-To: <496DAE4B.5030807@indigo3.net>
References: <496DAE4B.5030807@indigo3.net>
Message-ID: <496DB011.2040409@tthias.eu>

Hi Richard,

Richard Smith schrieb:
> <message
>  to="..."
>  from="..."
>  xmlns:magicNS="urn:blah:etc"
>  magicNS:attr1="..." >...

Why should it be bad? I don't see why it should be forbidden neither do 
I see where it should cause harm.

You should just keep in mind, that

<message xmlns='jabber:client' to='...' from='...'>...
and
<foo:message xmlns='jabber:client' to='...' from='...'>...

are from the pure XML point of view the same as a 'normal' stanza 
without the xmlns attribute,

while

<message xmlns:foo='jabber:client' foo:to='...' foo:from='...'>...
and
<foo:message xmlns:foo='jabber:client' foo:to='...' foo:from='...'>...

are not equivalent to the above to stanzas. I.e. an attribute name 
without a prefix does not denote an attribute in the default namespace, 
but an attribute that belongs to the element.


Matthias

-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/x-pkcs7-signature
Size: 3271 bytes
Desc: S/MIME Cryptographic Signature
Url : http://mail.jabber.org/pipermail/jdev/attachments/20090114/1ad81fc3/attachment.bin 

From dave at cridland.net  Wed Jan 14 03:39:24 2009
From: dave at cridland.net (Dave Cridland)
Date: Wed, 14 Jan 2009 09:39:24 +0000
Subject: [jdev] Mixing Attribute Namespaces
In-Reply-To: <496DAE4B.5030807@indigo3.net>
References: <496DAE4B.5030807@indigo3.net>
Message-ID: <12062.1231925964.315880@peirce.dave.cridland.net>

On Wed Jan 14 09:20:11 2009, Richard Smith wrote:
> Hello,
> 
> I've been having a think over the past few days and have been  
> wondering if
> applying namespaces on an attribute level is valid within XMPP, and  
> if there
> are any guidelines as to attribute specifications used.
> 
> What I'm pondering is while the following is valid XML, is it valid  
> under XMPP?
> 
> <message
>  to="..."
>  from="..."
>  xmlns:magicNS="urn:blah:etc"
>  magicNS:attr1="..." >...
> 
> From what I understand in RFC3920 this would be ok, however mildly  
> confusing
> etc.
> 
> Am I right in thinking that while this is valid, it's generally not  
> good for
> client understanding? Not that I care much in this context anyway  
> since I'm
> using XMPP as a transport protocol for something non-IM based, but  
> it's
> always good to know :)

Strictly, I think this is valid, however I'm not convinced that all  
servers would pass it through - my understanding is that stanza-level  
attributes are essentially reserved for hop-by-hop work. I'm not sure  
that's a hard and fast rule, but it certainly fits my experience.

On the other hand, putting namespaced elements (or attributes) inside  
a stanza will get passed through for certain, as well as being more a  
more traditional extension technique.

Dave.
-- 
Dave Cridland - mailto:dave at cridland.net - xmpp:dwd at dave.cridland.net
  - acap://acap.dave.cridland.net/byowner/user/dwd/bookmarks/
  - http://dave.cridland.net/
Infotrope Polymer - ACAP, IMAP, ESMTP, and Lemonade

From tomek at xiaoka.com  Wed Jan 14 04:07:26 2009
From: tomek at xiaoka.com (Tomasz Sterna)
Date: Wed, 14 Jan 2009 11:07:26 +0100
Subject: [jdev] Mixing Attribute Namespaces
In-Reply-To: <496DAE4B.5030807@indigo3.net>
References: <496DAE4B.5030807@indigo3.net>
Message-ID: <1231927646.5718.83.camel@wing>

Dnia 2009-01-14, ?ro o godzinie 10:20 +0100, Richard Smith pisze:
> What I'm pondering is while the following is valid XML, is it valid
> under XMPP?
> 
> <message
>  to="..."
>  from="..."
>  xmlns:magicNS="urn:blah:etc"
>  magicNS:attr1="..." >...
> 
> >From what I understand in RFC3920 this would be ok, however mildly
> confusing
> etc.
> 
> Am I right in thinking that while this is valid, it's generally not
> good for
> client understanding? Not that I care much in this context anyway
> since I'm
> using XMPP as a transport protocol for something non-IM based, but
> it's
> always good to know :)

It is valid.

Historically (in pre-XMPP jabber network) most clients did not support
xmlns. This is why there are some strange restrictions applied on XMPP
streams.
But todays XMPP requires full xml namespace support, and IIRC GTalk uses
them extensively, so sooner or later all servers and clients would
support xmlns correctly.


-- 



From stpeter at stpeter.im  Wed Jan 14 11:29:18 2009
From: stpeter at stpeter.im (Peter Saint-Andre)
Date: Wed, 14 Jan 2009 10:29:18 -0700
Subject: [jdev] [Fwd: [Summit] logistics]
Message-ID: <496E20EE.7050806@stpeter.im>

FYI. Join the summit at xmpp.org list if you'll be at FOSDEM and want to
participate in any of these activities.

-------- Original Message --------
Subject: [Summit] logistics
Date: Wed, 14 Jan 2009 10:13:28 -0700
From: Peter Saint-Andre <stpeter at stpeter.im>
Reply-To: XMPP Summit <summit at xmpp.org>
To: summit at xmpp.org

The Jingle Thingle (Friday) and the XMPP Summit (Monday) will take place
at the Hotel Bedford:

http://www.hotelbedford.be/

Details here:

http://xmpp.org/summit/summit6.shtml

The rate for sleeping rooms seems quite reasonable at the Bedford. There
is a booking.com link at the Summit6 page. Room sharing is encouraged
and we can hook people up on this list.

Peter


From elmex at x-paste.de  Thu Jan 15 10:21:57 2009
From: elmex at x-paste.de (Robin Redeker)
Date: Thu, 15 Jan 2009 17:21:57 +0100
Subject: [jdev] GSSAPI and service hostname
Message-ID: <20090115162157.GA5746@elmex2>

Hi!


I've received a bugreport for my Perl module AnyEvent::XMPP recently,
that says that I should not pass the domain of the JID as service hostname
to SASL (and later the GSSAPI mechanism).

Then I've been trying to figure out how the JID is mapped to the service
hostname of the XMPP server for GSSAPI authentication, bringing me to the
conclusion that the RFC 3920 (bis) doesn't say much about the _hostname_
of the service.

So here my question to the broad mass of developers: How should I determine
the hostname of the service I'm authenticating with?

I also wonder which server supports GSSAPI mechanims, so that I can
test implementation.


Thanks,
   Robin

-- 
Robin Redeker                         | Deliantra, the free code+content MORPG
elmex at ta-sa.org / r.redeker at gmail.com | http://www.deliantra.net
http://www.ta-sa.org/                 |

From stpeter at stpeter.im  Thu Jan 15 10:51:30 2009
From: stpeter at stpeter.im (Peter Saint-Andre)
Date: Thu, 15 Jan 2009 09:51:30 -0700
Subject: [jdev] GSSAPI and service hostname
In-Reply-To: <20090115162157.GA5746@elmex2>
References: <20090115162157.GA5746@elmex2>
Message-ID: <496F6992.90604@stpeter.im>

Robin Redeker wrote:
> Hi!
> 
> 
> I've received a bugreport for my Perl module AnyEvent::XMPP recently,
> that says that I should not pass the domain of the JID as service hostname
> to SASL (and later the GSSAPI mechanism).
> 
> Then I've been trying to figure out how the JID is mapped to the service
> hostname of the XMPP server for GSSAPI authentication, bringing me to the
> conclusion that the RFC 3920 (bis) doesn't say much about the _hostname_
> of the service.

RFC 3920 (or rfc3920bis) doesn't get into the details of particular SASL
mechanisms. As far as I know, GSSAPI is the only SASL mechanism that
uses the service hostname -- the other mechanisms tend to accept only
the username portion of the JID (or a certificate that contains the JID).

> So here my question to the broad mass of developers: How should I determine
> the hostname of the service I'm authenticating with?

As we discussed in the jdev room yesterday, I think you would use the
machine-name that you discovered via SRV lookup:

http://logs.jabber.org/jdev at conference.jabber.org/2009-01-14.html#16:01:06

> I also wonder which server supports GSSAPI mechanims, so that I can
> test implementation.

It's not the most popular SASL mechanism because not that many
organizations deploy Kerberos.

Peter


From justin-keyword-jabber.093179 at affinix.com  Thu Jan 15 11:09:41 2009
From: justin-keyword-jabber.093179 at affinix.com (Justin Karneges)
Date: Thu, 15 Jan 2009 09:09:41 -0800
Subject: [jdev] GSSAPI and service hostname
In-Reply-To: <496F6992.90604@stpeter.im>
References: <20090115162157.GA5746@elmex2> <496F6992.90604@stpeter.im>
Message-ID: <200901150909.41545.justin-keyword-jabber.093179@affinix.com>

On Thursday 15 January 2009 08:51:30 Peter Saint-Andre wrote:
> As we discussed in the jdev room yesterday, I think you would use the
> machine-name that you discovered via SRV lookup:
>
> http://logs.jabber.org/jdev at conference.jabber.org/2009-01-14.html#16:01:06

Yes, this is the consensus.

There is, however, some worry about DNS-based attacks, since the connect host 
is derived insecurely through the SRV lookup.  One obvious but totally 
impractical fix is to use DNSSEC.  Another is to use XEP-233.  Yet another is 
to offer some explicit trust mechanisms in the client (e.g. a field where the 
user can type the connect host in advance, to mark as trusted).

-Justin

From stpeter at stpeter.im  Thu Jan 15 11:19:44 2009
From: stpeter at stpeter.im (Peter Saint-Andre)
Date: Thu, 15 Jan 2009 10:19:44 -0700
Subject: [jdev] GSSAPI and service hostname
In-Reply-To: <200901150909.41545.justin-keyword-jabber.093179@affinix.com>
References: <20090115162157.GA5746@elmex2> <496F6992.90604@stpeter.im>
	<200901150909.41545.justin-keyword-jabber.093179@affinix.com>
Message-ID: <496F7030.1070805@stpeter.im>

Justin Karneges wrote:
> On Thursday 15 January 2009 08:51:30 Peter Saint-Andre wrote:
>> As we discussed in the jdev room yesterday, I think you would use the
>> machine-name that you discovered via SRV lookup:
>>
>> http://logs.jabber.org/jdev at conference.jabber.org/2009-01-14.html#16:01:06
> 
> Yes, this is the consensus.
> 
> There is, however, some worry about DNS-based attacks, since the connect host 
> is derived insecurely through the SRV lookup.  

Correct.

> One obvious but totally 
> impractical fix is to use DNSSEC.  

DNSSEC is seeing more deployment, but it's taking a long time. I don't
know that I'd call it totally impractical, though.

> Another is to use XEP-233.  

AFAIK, no servers implement that yet, and in any case it was designed
for a slightly different use case (basically situations in which DNS SRV
results don't tell you the hostname of the connection manager you're
talking to because load balancers are in use).

> Yet another is 
> to offer some explicit trust mechanisms in the client (e.g. a field where the 
> user can type the connect host in advance, to mark as trusted).

Right. This is similar to how some clients handle such things now. See
rfc3920bis for details:

http://xmpp.org/internet-drafts/draft-saintandre-rfc3920bis-08.html#tcp-resolution

/psa

From linuxwolf at outer-planes.net  Thu Jan 15 12:02:24 2009
From: linuxwolf at outer-planes.net (Matthew A. Miller)
Date: Thu, 15 Jan 2009 11:02:24 -0700
Subject: [jdev] GSSAPI and service hostname
In-Reply-To: <496F7030.1070805@stpeter.im>
References: <20090115162157.GA5746@elmex2> <496F6992.90604@stpeter.im>
	<200901150909.41545.justin-keyword-jabber.093179@affinix.com>
	<496F7030.1070805@stpeter.im>
Message-ID: <AF11C7F2-627F-416D-9F89-F2B8A7A3F79B@outer-planes.net>

On Jan 15, 2009, at 10:19, Peter Saint-Andre wrote:
>> Another is to use XEP-233.
>
> AFAIK, no servers implement that yet, and in any case it was designed
> for a slightly different use case (basically situations in which DNS  
> SRV
> results don't tell you the hostname of the connection manager you're
> talking to because load balancers are in use).

Besides, XEP-233 isn't any more secure than the SRV lookup.

*  If you can't trust the name from the SRV lookup that sent you to  
this (possibly fake) server, why can you now trust the value provided  
via XEP-233 from that server?
*  If you trust the XEP-233 result because you've got a secure channel  
(STARTTLS) and trusted their certificate, then why can't you now trust  
the SRV result?

 From my own observations and experiences, Deployments involving  
GSSAPI require significant planning, and is almost always undertaken  
because of the organization's security policy.  I've not seen such a  
policy that mandating GSSAPI, but then ignored issues around network  
name resolution.

So back to the original poster:
My recommendation for your library would be to rely on the (FQDN of  
the) hostname used to establish the XMPP/TCP connection, but make sure  
you have a way to manually bypass DNS SRV for establishing said  
connection (i.e. explicit hostname for the socket connection).  If the  
users of the library are willing to trust the hostname enough to get  
to the point where authentication is attempted, then odds are they're  
willing (or rather, required) to trust that hostname in obtaining the  
service principal credentials.

--
Matthew A. Miller
linuxwolf at outer-planes.net




-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 2238 bytes
Desc: not available
Url : http://mail.jabber.org/pipermail/jdev/attachments/20090115/cf8d5aaa/attachment.bin 

From justin-keyword-jabber.093179 at affinix.com  Thu Jan 15 13:30:09 2009
From: justin-keyword-jabber.093179 at affinix.com (Justin Karneges)
Date: Thu, 15 Jan 2009 11:30:09 -0800
Subject: [jdev] GSSAPI and service hostname
In-Reply-To: <AF11C7F2-627F-416D-9F89-F2B8A7A3F79B@outer-planes.net>
References: <20090115162157.GA5746@elmex2> <496F7030.1070805@stpeter.im>
	<AF11C7F2-627F-416D-9F89-F2B8A7A3F79B@outer-planes.net>
Message-ID: <200901151130.09071.justin-keyword-jabber.093179@affinix.com>

On Thursday 15 January 2009 10:02:24 Matthew A. Miller wrote:
> Besides, XEP-233 isn't any more secure than the SRV lookup.
[...]
> *  If you trust the XEP-233 result because you've got a secure channel
> (STARTTLS) and trusted their certificate, then why can't you now trust
> the SRV result?

Hmm, this is an interesting question.

TLS validates the XMPP domain, not the connect host found in the SRV result.  
So an attacker could feed you an incorrect SRV result here, and then route 
your traffic (as-is, not attacking TLS) to the real XMPP server.  This would 
be enough for an attacker to cause you to use the wrong host in the Kerberos 
negotiation.

However, it's not clear to me if there is a real attack here.  With the wrong 
host, you may obtain a wrong Kerberos ticket but you'll attempt to use it 
with the "right" host which will result in a failed authentication (a DoS).  
Maybe if the "right" host has multiple host keys for the "xmpp" service, the 
attacker could cause you to successfully authenticate to the wrong XMPP host?  
Well, whether that attack is really a problem or not, at least XEP-233 does 
close it off.

-Justin

From sxw at inf.ed.ac.uk  Thu Jan 15 15:31:52 2009
From: sxw at inf.ed.ac.uk (Simon Wilkinson)
Date: Thu, 15 Jan 2009 21:31:52 +0000
Subject: [jdev] GSSAPI and service hostname
In-Reply-To: <496F7030.1070805@stpeter.im>
References: <20090115162157.GA5746@elmex2> <496F6992.90604@stpeter.im>
	<200901150909.41545.justin-keyword-jabber.093179@affinix.com>
	<496F7030.1070805@stpeter.im>
Message-ID: <9BF110DC-8D5D-4300-BD39-90C59C954F25@inf.ed.ac.uk>


On 15 Jan 2009, at 17:19, Peter Saint-Andre wrote:
>
> AFAIK, no servers implement that yet, and in any case it was designed
> for a slightly different use case (basically situations in which DNS  
> SRV
> results don't tell you the hostname of the connection manager you're
> talking to because load balancers are in use).

GSSAPI domain based names are specifically designed to deal with the  
problem where the connection host is derived through an insecure SRV  
lookup, so they're exactly the correct tool to use to resolve this  
issue. The problem is with knowing what the other end is prepared to  
accept. I suppose if you're using your own SASL implementation you  
could do a gss_init_sec_context() for the domain based name first, and  
if that fails, fall back to using the hostname you got through the SRV  
lookup.

Simon.


From tomek at xiaoka.com  Fri Jan 16 07:02:53 2009
From: tomek at xiaoka.com (Tomasz Sterna)
Date: Fri, 16 Jan 2009 14:02:53 +0100
Subject: [jdev] GSSAPI and service hostname
In-Reply-To: <20090115162157.GA5746@elmex2>
References: <20090115162157.GA5746@elmex2>
Message-ID: <1232110973.5169.8.camel@wing>

Dnia 2009-01-15, czw o godzinie 17:21 +0100, Robin Redeker pisze:
> I've received a bugreport for my Perl module AnyEvent::XMPP recently,
> that says that I should not pass the domain of the JID as service hostname
> to SASL (and later the GSSAPI mechanism).

I think you should.

It's server job to map the provided domain name to a specific hostname.
Just like it is server job to map the domain name to a realm, in case of
DIGEST-MD5.


> I also wonder which server supports GSSAPI mechanims, so that I can
> test implementation.

http://jabberd2.xiaoka.com/
Although its not tested much.

-- 



From sxw at inf.ed.ac.uk  Fri Jan 16 07:23:15 2009
From: sxw at inf.ed.ac.uk (Simon Wilkinson)
Date: Fri, 16 Jan 2009 13:23:15 +0000
Subject: [jdev] GSSAPI and service hostname
In-Reply-To: <1232110973.5169.8.camel@wing>
References: <20090115162157.GA5746@elmex2> <1232110973.5169.8.camel@wing>
Message-ID: <E8C194DC-6261-461D-9524-94BBE85A6253@inf.ed.ac.uk>


On 16 Jan 2009, at 13:02, Tomasz Sterna wrote:

> Dnia 2009-01-15, czw o godzinie 17:21 +0100, Robin Redeker pisze:
>> I've received a bugreport for my Perl module AnyEvent::XMPP recently,
>> that says that I should not pass the domain of the JID as service  
>> hostname
>> to SASL (and later the GSSAPI mechanism).
>
> I think you should.

Not with GSSAPI, and not if you want to be compatible with anyone else.

The GSSAPI SASL mechanism needs to know the service hostname so it can  
talk construct a request for the correct service principal to the KDC.  
It has to know a hostname, because that's the way that Kerberos has  
traditionally worked - a service principal contains the name of the  
host running the service, not of the domain that the service is being  
run for. This has been discussed a number of times on the jdev list,  
and within the Kerberos community, and those of us who have  
implemented XMPP clients and servers supporting GSSAPI have come to  
the consensus that this is the current correct behaviour.

In the longer term, as I noted in a previous post, domain based names  
are the way forwards. This is going to definitely require changes to  
the common SASL APIs, and possibly to the SASL GSSAPI wire  
specification (although 'GSSAPI' which we're all still using has  
already been superceded by GS2)

> It's server job to map the provided domain name to a specific  
> hostname.
> Just like it is server job to map the domain name to a realm, in  
> case of
> DIGEST-MD5.

The server can't do this in a way that's safe - bear in mind that with  
Kerberos, it's the client side that needs to know who it's talking to  
- it's not a case of mapping incoming connections into an  
authentication realm (in the way that DIGEST-MD5 does). Allowing the  
client to ask the server 'who are you today?' immediately opens the  
way for MITM attacks, and defeats the whole point of using GSSAPI in  
the first place.

>> I also wonder which server supports GSSAPI mechanims, so that I can
>> test implementation.
>
> http://jabberd2.xiaoka.com/
> Although its not tested much.

We're using a version of jabberd2 with Cyrus SASL to provide GSSAPI  
support. It works well for us, and is what most of the client GSSAPI  
support (Pidgin, Adium, etc) which I wrote was originally tested  
against, but it's not what's currently being distributed. Openfire has  
a GSSAPI implementation that libpurple's code has been tested against  
that a number of big Kerberos users are using in production. I believe  
there are also patches for Kerberos support in ejabberd, but I'm not  
sure if they've been integrated, and I'm not aware of any  
interoperability testing that has been done.

Cheers,

Simon.


From julien.genestoux at gmail.com  Sat Jan 17 15:46:26 2009
From: julien.genestoux at gmail.com (Julien Genestoux)
Date: Sat, 17 Jan 2009 13:46:26 -0800
Subject: [jdev] XMPP Meetup in San Francisco
Message-ID: <26c0cf900901171346qae8acfcx686b8aa4497256dd@mail.gmail.com>

Hey!

First : Happy New Year! May it be yet another year of great growth for the
XMPP Community!

I just wanted to let you guys know that we're organizing the first XMPP
Meetup in San Francisco, CA on February 18th, right after XMPP Summit.

Feel free to join us: http://bit.ly/xmpp_sf
Also, we're looking for speakers/topics, so feel free to suggest anything
you'd like to see covered at is event.

Thanks a lot!

Julien

PS: please let me know if it's inapropriate to use this ML for this.

--
Julien Genestoux
http://www.ouvre-boite.com
http://blog.notifixio.us

+1 (415) 254 7340
+33 (0)9 70 44 76 29
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://mail.jabber.org/pipermail/jdev/attachments/20090117/85ddce29/attachment.htm 

From richard at indigo3.net  Sun Jan 25 10:06:19 2009
From: richard at indigo3.net (Richard Smith)
Date: Sun, 25 Jan 2009 17:06:19 +0100
Subject: [jdev] Scope of current RFC3920 SASL implementation
Message-ID: <497C8DFB.3080503@indigo3.net>

Hello!

I'm just putting some specs together for a project I'll be working on, 
and I was wondering...

XMPP RFC3290 specifies SASL namespaces and implementation within the 
scope of authenticating init-to-responder streams. Can this namespace be 
used at a lower level?

I've read through the SASL sections, and it doesn't actually say that 
the authentication scheme cannot be used in-band to communicate with a 
remote host?

The situation is that I'm got to build a client and component to do some 
notification magic. The 'client' part however might be on jabber.org, or 
another xmpp server entirely.

So, I know it's probably unsupported by most if not all the clients, but 
is it possible to re-use SASL namespaces to authenticate a user against 
a remote XMPP component using SASL?

-- 
Rich

From dmeyer at tzi.de  Sun Jan 25 11:23:51 2009
From: dmeyer at tzi.de (Dirk Meyer)
Date: Sun, 25 Jan 2009 18:23:51 +0100
Subject: [jdev] Scope of current RFC3920 SASL implementation
In-Reply-To: <497C8DFB.3080503@indigo3.net> (Richard Smith's message of "Sun\,
	25 Jan 2009 17\:06\:19 +0100")
References: <497C8DFB.3080503@indigo3.net>
Message-ID: <87mydf47vc.fsf@phex.sachmittel.de>

Richard Smith wrote:
> I've read through the SASL sections, and it doesn't actually say that 
> the authentication scheme cannot be used in-band to communicate with a 
> remote host?
>
> So, I know it's probably unsupported by most if not all the clients, but 
> is it possible to re-use SASL namespaces to authenticate a user against 
> a remote XMPP component using SASL?

Thinking of web services connected over XMPP, this sounds useful. Maybe
we can define some sort of SASL in IQ stanzas. But this will be an
insecure connection. Maybe you want to use E2E security in this use
case.


Dirk

-- 
This is Linux country. If you listen carefully, you can hear Windows
reboot...

From richard at indigo3.net  Sun Jan 25 11:29:24 2009
From: richard at indigo3.net (Richard Smith)
Date: Sun, 25 Jan 2009 18:29:24 +0100
Subject: [jdev] Scope of current RFC3920 SASL implementation
In-Reply-To: <87mydf47vc.fsf@phex.sachmittel.de>
References: <497C8DFB.3080503@indigo3.net> <87mydf47vc.fsf@phex.sachmittel.de>
Message-ID: <497CA174.7000101@indigo3.net>

Dirk Meyer wrote:
> Thinking of web services connected over XMPP, this sounds useful. Maybe
> we can define some sort of SASL in IQ stanzas. But this will be an
> insecure connection. Maybe you want to use E2E security in this use
> case.

E2E secures the transport... SASL in IQ stanzas would authenticate the 
user... This is my thinking at least...

-- 
Rich

From dmeyer at tzi.de  Sun Jan 25 12:30:39 2009
From: dmeyer at tzi.de (Dirk Meyer)
Date: Sun, 25 Jan 2009 19:30:39 +0100
Subject: [jdev] Scope of current RFC3920 SASL implementation
In-Reply-To: <497CA174.7000101@indigo3.net> (Richard Smith's message of "Sun\,
	25 Jan 2009 18\:29\:24 +0100")
References: <497C8DFB.3080503@indigo3.net> <87mydf47vc.fsf@phex.sachmittel.de>
	<497CA174.7000101@indigo3.net>
Message-ID: <87hc3n44s0.fsf@phex.sachmittel.de>

Richard Smith wrote:
> Dirk Meyer wrote:
>> Thinking of web services connected over XMPP, this sounds useful. Maybe
>> we can define some sort of SASL in IQ stanzas. But this will be an
>> insecure connection. Maybe you want to use E2E security in this use
>> case.
>
> E2E secures the transport... SASL in IQ stanzas would authenticate the 
> user... This is my thinking at least...

Yes, but if we need authentication to make the transport secure, we need
to know that there is no man-in-the-middle. I guess TLS-SRP would work
perfect for you: the user provides a password with SRP and the peer
provides a certificate the user can check. Based on that the channel
will be secure.

If you only do SASL, you can not be sure that someone changes the data
after the SASL authentication. Maybe you don't need to if you trust the
XMPP servers involved.


Dirk

-- 
panic("kmem_cache_init(): Offsets are wrong - I've been messed with!");
	2.2.16 /usr/src/linux/mm/slab.c

From tjulien at limewire.com  Sun Jan 25 15:03:12 2009
From: tjulien at limewire.com (Tim Julien)
Date: Sun, 25 Jan 2009 16:03:12 -0500
Subject: [jdev] facebook jabber?
Message-ID: <497CD390.4090701@limewire.com>

anyone heard any updates on this?

http://developers.facebook.com/news.php?blog=1&story=110

-Tim

From justin-keyword-jabber.093179 at affinix.com  Sun Jan 25 15:49:15 2009
From: justin-keyword-jabber.093179 at affinix.com (Justin Karneges)
Date: Sun, 25 Jan 2009 13:49:15 -0800
Subject: [jdev] Scope of current RFC3920 SASL implementation
In-Reply-To: <87hc3n44s0.fsf@phex.sachmittel.de>
References: <497C8DFB.3080503@indigo3.net> <497CA174.7000101@indigo3.net>
	<87hc3n44s0.fsf@phex.sachmittel.de>
Message-ID: <200901251349.15477.justin-keyword-jabber.093179@affinix.com>

On Sunday 25 January 2009 10:30:39 Dirk Meyer wrote:
> If you only do SASL, you can not be sure that someone changes the data
> after the SASL authentication. Maybe you don't need to if you trust the
> XMPP servers involved.

It depends on the SASL mechanism.  With DIGEST-MD5, for example, you can have 
a mutually authenticated session with integrity protection (and encryption).

I think our e2e proposal should promote TLS + SASL EXTERNAL as the common 
case, but we should not require TLS and we should allow any SASL mechanism.  
This way, someone could create a password-based service running at a JID.

-Justin

From justin-keyword-jabber.093179 at affinix.com  Sun Jan 25 16:10:28 2009
From: justin-keyword-jabber.093179 at affinix.com (Justin Karneges)
Date: Sun, 25 Jan 2009 14:10:28 -0800
Subject: [jdev] facebook jabber?
In-Reply-To: <497CD390.4090701@limewire.com>
References: <497CD390.4090701@limewire.com>
Message-ID: <200901251410.28336.justin-keyword-jabber.093179@affinix.com>

On Sunday 25 January 2009 13:03:12 Tim Julien wrote:
> anyone heard any updates on this?
>
> http://developers.facebook.com/news.php?blog=1&story=110

http://bugs.developers.facebook.com/show_bug.cgi?id=3152

The latest word as of November is: "some people are working on this.  it will 
probably be done in a few months.  sorry the timeline isn't more clear."

From Dean at cognation.net  Sun Jan 25 19:41:35 2009
From: Dean at cognation.net (Dean Collins)
Date: Sun, 25 Jan 2009 20:41:35 -0500
Subject: [jdev] facebook jabber?
In-Reply-To: <200901251410.28336.justin-keyword-jabber.093179@affinix.com>
References: <497CD390.4090701@limewire.com>
	<200901251410.28336.justin-keyword-jabber.093179@affinix.com>
Message-ID: <3685A8FD247FA94C957C4304AB386A041A1432@cognationsvr1.Cognation.local>

What are people planning on doing with this?

I've got some initial thoughts but apart from setting status (which is a
minor feature of my app at the very most) so am curious if I'm missing
something.


Regards,

Dean Collins
Cognation Inc
dean at cognation.net
+1-212-203-4357   New York
+61-2-9016-5642   (Sydney in-dial).
+44-20-3129-6001 (London in-dial).

> -----Original Message-----
> From: jdev-bounces at jabber.org [mailto:jdev-bounces at jabber.org] On
Behalf Of
> Justin Karneges
> Sent: Sunday, 25 January 2009 5:10 PM
> To: Jabber/XMPP software development list
> Subject: Re: [jdev] facebook jabber?
> 
> On Sunday 25 January 2009 13:03:12 Tim Julien wrote:
> > anyone heard any updates on this?
> >
> > http://developers.facebook.com/news.php?blog=1&story=110
> 
> http://bugs.developers.facebook.com/show_bug.cgi?id=3152
> 
> The latest word as of November is: "some people are working on this.
it will
> probably be done in a few months.  sorry the timeline isn't more
clear."
> _______________________________________________
> JDev mailing list
> Forum: http://www.jabberforum.org/forumdisplay.php?f=20
> Info: http://mail.jabber.org/mailman/listinfo/jdev
> Unsubscribe: JDev-unsubscribe at jabber.org
> _______________________________________________

From dmeyer at tzi.de  Mon Jan 26 03:40:54 2009
From: dmeyer at tzi.de (Dirk Meyer)
Date: Mon, 26 Jan 2009 10:40:54 +0100
Subject: [jdev] Scope of current RFC3920 SASL implementation
In-Reply-To: <200901251349.15477.justin-keyword-jabber.093179@affinix.com>
	(Justin Karneges's message of "Sun\,
	25 Jan 2009 13\:49\:15 -0800")
References: <497C8DFB.3080503@indigo3.net> <497CA174.7000101@indigo3.net>
	<87hc3n44s0.fsf@phex.sachmittel.de>
	<200901251349.15477.justin-keyword-jabber.093179@affinix.com>
Message-ID: <87bptu4d7d.fsf@phex.sachmittel.de>

Justin Karneges wrote:
> On Sunday 25 January 2009 10:30:39 Dirk Meyer wrote:
>> If you only do SASL, you can not be sure that someone changes the data
>> after the SASL authentication. Maybe you don't need to if you trust the
>> XMPP servers involved.
>
> It depends on the SASL mechanism.  With DIGEST-MD5, for example, you can have 
> a mutually authenticated session with integrity protection (and encryption).

I did not know that.

> I think our e2e proposal should promote TLS + SASL EXTERNAL as the common 
> case, but we should not require TLS and we should allow any SASL mechanism.  
> This way, someone could create a password-based service running at a JID.

It may get things more complicated, but agree, it should be
considered. This seems to be the logical choise for communicating with
external (web) services.


Dirk

-- 
The three most dangerous things are a programmer with a soldering iron,
a manager who codes, and a user who gets ideas.

From stpeter at stpeter.im  Mon Jan 26 15:25:16 2009
From: stpeter at stpeter.im (Peter Saint-Andre)
Date: Mon, 26 Jan 2009 14:25:16 -0700
Subject: [jdev] X.509 clientAuth and serverAuth bits in s2s TLS
Message-ID: <497E2A3C.9080000@stpeter.im>

[Please send follow-ups to the security at xmpp.org list.]

In certificates used for web servers, it is possible to set the
clientAuth and serverAuth bits in certs offered by a browser or a web
server (respectively).

Life is a little more complicated in XMPP because an XMPP server can act
as a TLS client for server-to-server (s2s) connections. That is, the
XMPP server that initiates the s2s connection acts as a TLS client and
the XMPP server that receives the s2s connection acts as a TLS server.
Therefore an XMPP server can act as either a TLS client or a TLS server.

My question is: do any XMPP server codebases (or the TLS libraries they
use) depend on inclusion of the clientAuth or serverAuth bits in order
to function properly? The problem I foresee is that an XMPP server might
fail on an attempt to encrypt an s2s connection if the cert presented by
the peer server does not include the clientAuth or serverAuth bit.

Thanks!

/psa

From stpeter at stpeter.im  Mon Jan 26 16:31:22 2009
From: stpeter at stpeter.im (Peter Saint-Andre)
Date: Mon, 26 Jan 2009 15:31:22 -0700
Subject: [jdev] Oracle Beehive
Message-ID: <497E39BA.6040208@stpeter.im>

It seems that Oracle's Beehive suite contains support for XMPP:

http://www.oracle.com/technology/products/beehive/platform.html

http://download.oracle.com/docs/cd/E13789_01/bh.100/e13791/xmpp.htm

Doe anyone on this list have experience with this software?

/psa



From mateusz.bilinski at gmail.com  Wed Jan 28 12:21:35 2009
From: mateusz.bilinski at gmail.com (=?ISO-8859-2?Q?Mateusz_Bili=F1ski?=)
Date: Wed, 28 Jan 2009 19:21:35 +0100
Subject: [jdev] SleekXMPP, XEP-0004, XEP-0050 and sender JabberID
Message-ID: <60278bef0901281021g40d4b422w2e89d42fe5d78996@mail.gmail.com>

Hi.
Has anybody used SleekXMPP [1] (or SleekBot [2]) to handle forms with
XEP-0004 [3] (+ XEP-0050 [4])?

My question is how to get JID of sender in command handler - the only
thing that it gets is 'form' and 'sessionid' (and none of this can
point out to full jid of sender).

If received XML was available in handler it would be easy to access
JabberID (code: xml.attrib['from']). Commands handling (and arguments
passing) is in file sleekxmpp/plugins/xep_0050.py).

I understand this question is pretty specific, but maybe someone had
similar problem. Kev? :>

[1] http://code.google.com/p/sleekxmpp/
[2] http://code.google.com/p/sleekbot/
[3] http://xmpp.org/extensions/xep-0004.html
[4] http://xmpp.org/extensions/xep-0050.html

-- 
Regards,
Mateusz Bili?ski (vArDo)

From remko at el-tramo.be  Wed Jan 28 13:41:01 2009
From: remko at el-tramo.be (=?UTF-8?Q?Remko_Tron=C3=A7on?=)
Date: Wed, 28 Jan 2009 20:41:01 +0100
Subject: [jdev] SleekXMPP, XEP-0004, XEP-0050 and sender JabberID
In-Reply-To: <60278bef0901281021g40d4b422w2e89d42fe5d78996@mail.gmail.com>
References: <60278bef0901281021g40d4b422w2e89d42fe5d78996@mail.gmail.com>
Message-ID: <133fd4c60901281141x6b100813l545cff6312da1f9a@mail.gmail.com>

> Has anybody used SleekXMPP [1] (or SleekBot [2]) to handle forms with
> XEP-0004 [3] (+ XEP-0050 [4])?

Yes, it's even used in the book ;-)

> My question is how to get JID of sender in command handler - the only
> thing that it gets is 'form' and 'sessionid' (and none of this can
> point out to full jid of sender).

self.xmpp.plugin['xep_0050'].sessions[sessionId]['jid']

cheers,
Remko

From dereulenspiegel.3mrymn at no-mx.jabberforum.org  Thu Jan 29 06:33:12 2009
From: dereulenspiegel.3mrymn at no-mx.jabberforum.org (dereulenspiegel)
Date: Thu, 29 Jan 2009 13:33:12 +0100
Subject: [jdev] XEP-0174 (Link-local) support in Smack
References: <b6ae9fe90811262338q28dcdf85qc72ee4c34847968@mail.gmail.com>
	<b6ae9fe90812240145h5b5d7e1bxfed73c2d60d3809@mail.gmail.com>
Message-ID: <dereulenspiegel.3mrymn@no-mx.jabberforum.org>


Does anyone has a copy of this git repo? I tried to clone it but this
fails. I also tried to apply the patch he posted on ignite forums but
this patch seems to need a modified version of jmdns. Or does anyone
have a completely build and functional version if this?


-- 
dereulenspiegel
------------------------------------------------------------------------
dereulenspiegel's Profile: http://www.jabberforum.org/member.php?userid=17410
View this thread: http://www.jabberforum.org/showthread.php?t=1140


From mateusz.bilinski at gmail.com  Thu Jan 29 18:24:10 2009
From: mateusz.bilinski at gmail.com (=?ISO-8859-2?Q?Mateusz_Bili=F1ski?=)
Date: Fri, 30 Jan 2009 01:24:10 +0100
Subject: [jdev] SleekXMPP, XEP-0004, XEP-0050 and sender JabberID
In-Reply-To: <133fd4c60901281141x6b100813l545cff6312da1f9a@mail.gmail.com>
References: <60278bef0901281021g40d4b422w2e89d42fe5d78996@mail.gmail.com>
	<133fd4c60901281141x6b100813l545cff6312da1f9a@mail.gmail.com>
Message-ID: <60278bef0901291624y5aff9f44uefd4d367294c9753@mail.gmail.com>

On Wed, Jan 28, 2009 at 20:41, Remko Tron?on <remko at el-tramo.be> wrote:
>> Has anybody used SleekXMPP [1] (or SleekBot [2]) to handle forms with
>> XEP-0004 [3] (+ XEP-0050 [4])?
>
> Yes, it's even used in the book ;-)

Great to hear that. It's a really nice lib IMHO. :)

>> My question is how to get JID of sender in command handler - the only thing
>> that it gets is 'form' and 'sessionid' (and none of this can point out to
>> full jid of sender).
>
> self.xmpp.plugin['xep_0050'].sessions[sessionId]['jid']

Unfortunately, this does not work for me. I get KeyError (no 'jid').

Here's what's in my self.bot.plugin['xep_0050'].sessions[sessionID]:

{'next':
    <bound method memberbot.votingHandler of
		 <plugins.memberbot.memberbot object at 0x339fa90>>,
 'past':
		[(<sleekxmpp.plugins.xep_0004.Form object at 0x33c9a10>, None)]}

Item at 'next' key is my command handler. At 'past' I have Form object from
which I cannot however JID (as stated in previous posts). I get these at
breakpoint in my handler method.

These values are set in xep_0050.handler_command (or
xep_0050.handler_command_next) in xep_0050.py plugin file.

I think I've pretty much investigated all surroundings of 'sessions'
dictionary and I cannot find sender JID.

I've checked out latest SleekXMPP version from SVN to see whether I don't have
some old version, but the code is pretty much the same in that file.

Maybe I'm missing something?

Of course, I could add code to above metioned xep_0050 methods (patching
SleekXMPP), like this one (to make your code work):

self.sessions[sessionid]['jid'] = xml.attrib['from']

However, I want to avoid changing libs code locally. Other approach would be
patch SleekXMPP officially - I don't have anything against it, but (once
again) maybe I'm missing something :)

-- 
Regards,
Mateusz Bili?ski

From remko at el-tramo.be  Fri Jan 30 01:34:33 2009
From: remko at el-tramo.be (=?UTF-8?Q?Remko_Tron=C3=A7on?=)
Date: Fri, 30 Jan 2009 08:34:33 +0100
Subject: [jdev] SleekXMPP, XEP-0004, XEP-0050 and sender JabberID
In-Reply-To: <60278bef0901291624y5aff9f44uefd4d367294c9753@mail.gmail.com>
References: <60278bef0901281021g40d4b422w2e89d42fe5d78996@mail.gmail.com>
	<133fd4c60901281141x6b100813l545cff6312da1f9a@mail.gmail.com>
	<60278bef0901291624y5aff9f44uefd4d367294c9753@mail.gmail.com>
Message-ID: <133fd4c60901292334x683201dfj93030f086c277d41@mail.gmail.com>

> I've checked out latest SleekXMPP version from SVN to see whether I don't have
> some old version, but the code is pretty much the same in that file.

Ah, we are currently working with the Seesmic branch
(svn://netflint.net/sleekxmpp/branches/seesmic/sleekxmpp), although
this one could be a little buggy for you. Maybe that branch has the
'jid', and the others don't?

FYI, Fritzy is going to consolidate the branches soon.

cheers,
Remko

From mateusz.bilinski at gmail.com  Fri Jan 30 06:56:57 2009
From: mateusz.bilinski at gmail.com (=?ISO-8859-2?Q?Mateusz_Bili=F1ski?=)
Date: Fri, 30 Jan 2009 13:56:57 +0100
Subject: [jdev] SleekXMPP, XEP-0004, XEP-0050 and sender JabberID
In-Reply-To: <133fd4c60901292334x683201dfj93030f086c277d41@mail.gmail.com>
References: <60278bef0901281021g40d4b422w2e89d42fe5d78996@mail.gmail.com>
	<133fd4c60901281141x6b100813l545cff6312da1f9a@mail.gmail.com>
	<60278bef0901291624y5aff9f44uefd4d367294c9753@mail.gmail.com>
	<133fd4c60901292334x683201dfj93030f086c277d41@mail.gmail.com>
Message-ID: <60278bef0901300456kb4eb7ebueb458bb3230f9e0a@mail.gmail.com>

On Fri, Jan 30, 2009 at 08:34, Remko Tron?on <remko at el-tramo.be> wrote:
>> I've checked out latest SleekXMPP version from SVN to see whether I don't have
>> some old version, but the code is pretty much the same in that file.
>
> Ah, we are currently working with the Seesmic branch
> (svn://netflint.net/sleekxmpp/branches/seesmic/sleekxmpp), although
> this one could be a little buggy for you. Maybe that branch has the
> 'jid', and the others don't?

Yeap, you're right. Case solved. In seesmic branch there's an
additional line xep_0050.py file:

self.sessions[sessionid]['jid'] = xml.get('from')

So it's pretty similar to what I've wanted to add.

I've used trunk instead of seesmic (I didn't even know that this was
the most active branch), because SleekBot used it as external
SleekXMPP repo in it's trunk. :)

> FYI, Fritzy is going to consolidate the branches soon.

Great to hear that. For now I'll probably add the mentioned line to my
code as it will probably stay in merged code.

Many thanks, Remko :)

-- 
Regards,
Mateusz Bili?ski

From jlist9 at gmail.com  Thu Jan  1 20:42:26 2009
From: jlist9 at gmail.com (jlist)
Date: Thu, 1 Jan 2009 18:42:26 -0800
Subject: [jdev] Show values of the Presence Message
Message-ID: <564746040.20090101184226@gmail.com>

Hi,
  
I wasn't able to find the definitions of dnd, chat, away, xa, "", etc.
dnd and away are easy to understand. I'm not sure about chat, xa or
none. Any pointers? Does "chat" mean actively chatting and none mean
available but not chatting? Or, is "chat" the normal status while none
means the user is logged out?

-- 
Thanks,
Jack



From stpeter at stpeter.im  Thu Jan  1 21:02:37 2009
From: stpeter at stpeter.im (Peter Saint-Andre)
Date: Thu, 1 Jan 2009 20:02:37 -0700
Subject: [jdev] Show values of the Presence Message
In-Reply-To: <564746040.20090101184226@gmail.com>
References: <564746040.20090101184226@gmail.com>
Message-ID: <20090102030237.GC25476@stpeter.im>

On Thu, Jan 01, 2009 at 06:42:26PM -0800, jlist wrote:

> I wasn't able to find the definitions of dnd, chat, away, xa, "", etc.

http://xmpp.org/internet-drafts/draft-saintandre-rfc3921bis-07.html#presence-show



From jlist9 at gmail.com  Thu Jan  1 21:33:06 2009
From: jlist9 at gmail.com (jlist)
Date: Thu, 1 Jan 2009 19:33:06 -0800
Subject: [jdev] Show values of the Presence Message
In-Reply-To: <20090102030237.GC25476@stpeter.im>
References: <564746040.20090101184226@gmail.com>
	<20090102030237.GC25476@stpeter.im>
Message-ID: <979943364.20090101193306@gmail.com>

Thanks Peter!

Thursday, January 1, 2009, 7:02:37 PM, you wrote:

> On Thu, Jan 01, 2009 at 06:42:26PM -0800, jlist wrote:

>> I wasn't able to find the definitions of dnd, chat, away, xa, "", etc.

> http://xmpp.org/internet-drafts/draft-saintandre-rfc3921bis-07.html#presence-show




From jlist9 at gmail.com  Thu Jan  1 23:13:17 2009
From: jlist9 at gmail.com (jlist)
Date: Thu, 1 Jan 2009 21:13:17 -0800
Subject: [jdev] Show values of the Presence Message
In-Reply-To: <20090102030237.GC25476@stpeter.im>
References: <564746040.20090101184226@gmail.com>
	<20090102030237.GC25476@stpeter.im>
Message-ID: <382317849.20090101211317@gmail.com>

Speaking of presence messages, is there a way to tell from these
messages (or by any other means) that a buddy has gone off-line?

>> I wasn't able to find the definitions of dnd, chat, away, xa, "", etc.

> http://xmpp.org/internet-drafts/draft-saintandre-rfc3921bis-07.html#presence-show




From richard at indigo3.net  Fri Jan  2 02:21:32 2009
From: richard at indigo3.net (Richard Smith)
Date: Fri, 02 Jan 2009 09:21:32 +0100
Subject: [jdev] scaling a component
In-Reply-To: <4946B50F.4060806@buddycloud.com>
References: <4946B50F.4060806@buddycloud.com>
Message-ID: <495DCE8C.4050909@indigo3.net>

Simon Tennant wrote:
> Any tips or pointers would be most useful.  (I'll push the queries about
> load balancing components between servers to the ejabberd mailing list.)

If you happen to be running ejabberd as your core xmpp server, then just 
initiate multiple connections per comonent domain.

ejabberd is quite clever at scaling.

-- 
Richard






From machekku at uaznia.net  Fri Jan  2 02:30:56 2009
From: machekku at uaznia.net (Maciek Niedzielski)
Date: Fri, 02 Jan 2009 09:30:56 +0100
Subject: [jdev] Show values of the Presence Message
In-Reply-To: <382317849.20090101211317@gmail.com>
References: <564746040.20090101184226@gmail.com>	<20090102030237.GC25476@stpeter.im>
	<382317849.20090101211317@gmail.com>
Message-ID: <495DD0C0.3080409@uaznia.net>

jlist wrote:
> Speaking of presence messages, is there a way to tell from these
> messages (or by any other means) that a buddy has gone off-line?

http://xmpp.org/internet-drafts/draft-saintandre-rfc3921bis-07.html#rfc.section.4.7.1

Basically, you send <presence type='unavailable'/>

-- 
Maciek
  xmpp:machekku at uaznia.net


From jlist9 at gmail.com  Fri Jan  2 15:49:01 2009
From: jlist9 at gmail.com (jlist9 at gmail.com)
Date: Fri, 2 Jan 2009 13:49:01 -0800
Subject: [jdev] Show values of the Presence Message -> logout
In-Reply-To: <495DD0C0.3080409@uaznia.net>
References: <564746040.20090101184226@gmail.com>
	<20090102030237.GC25476@stpeter.im>
	<382317849.20090101211317@gmail.com> <495DD0C0.3080409@uaznia.net>
Message-ID: <1729456589.20090102134901@gmail.com>

Hello Maciek,

Thanks for your reply. I've added that but it doesn't seem to
solve my problem. What I'm trying to do is to log in with the
same user twice but bind to different resources. And I'd like
any of the two instances notified when the other instance logs out.

Do I need to explicitly subscribe to the other instances's presence
stanzas?

Jack

>> Speaking of presence messages, is there a way to tell from these
>> messages (or by any other means) that a buddy has gone off-line?

> http://xmpp.org/internet-drafts/draft-saintandre-rfc3921bis-07.html#rfc.section.4.7.1

> Basically, you send <presence type='unavailable'/>




From lambda512 at gmail.com  Fri Jan  2 16:32:03 2009
From: lambda512 at gmail.com (naw)
Date: Fri, 2 Jan 2009 23:32:03 +0100
Subject: [jdev] Show values of the Presence Message -> logout
In-Reply-To: <1729456589.20090102134901@gmail.com>
References: <564746040.20090101184226@gmail.com> <495DD0C0.3080409@uaznia.net>
	<1729456589.20090102134901@gmail.com>
Message-ID: <200901022332.03903.lambda512@gmail.com>

El Viernes 02 Enero 2009, jlist9 at gmail.com escribi?:
> Hello Maciek,
>
> Thanks for your reply. I've added that but it doesn't seem to
> solve my problem. What I'm trying to do is to log in with the
> same user twice but bind to different resources. And I'd like
> any of the two instances notified when the other instance logs out.
>
> Do I need to explicitly subscribe to the other instances's presence
> stanzas?
>
> Jack
>
> >> Speaking of presence messages, is there a way to tell from these
> >> messages (or by any other means) that a buddy has gone off-line?
> >
> > http://xmpp.org/internet-drafts/draft-saintandre-rfc3921bis-07.html#rfc.s
> >ection.4.7.1
> >
> > Basically, you send <presence type='unavailable'/>
>

When I'm on "Home" and "Psi" and I disconnect from "Home" I get:
<presence from="xxxx at jabberes.org/Home" type="unavailable" 
to="xxxx at jabberes.org/Psi" /> 

I don't remember to be subscribed explicitly to myself.


From jlist9 at gmail.com  Fri Jan  2 19:26:11 2009
From: jlist9 at gmail.com (jlist9 at gmail.com)
Date: Fri, 2 Jan 2009 17:26:11 -0800
Subject: [jdev] Show values of the Presence Message -> logout
In-Reply-To: <200901022332.03903.lambda512@gmail.com>
References: <564746040.20090101184226@gmail.com> <495DD0C0.3080409@uaznia.net>
	<1729456589.20090102134901@gmail.com>
	<200901022332.03903.lambda512@gmail.com>
Message-ID: <551372200.20090102172611@gmail.com>


>> Thanks for your reply. I've added that but it doesn't seem to
>> solve my problem. What I'm trying to do is to log in with the
>> same user twice but bind to different resources. And I'd like
>> any of the two instances notified when the other instance logs out.
>>
>> Do I need to explicitly subscribe to the other instances's presence
>> stanzas?
>>

> When I'm on "Home" and "Psi" and I disconnect from "Home" I get:
> <presence from="xxxx at jabberes.org/Home" type="unavailable" 
> to="xxxx at jabberes.org/Psi" /> 

> I don't remember to be subscribed explicitly to myself.

Hmm. Maybe the servers don't behave the same way. I was experimenting
with gtalk...



From lambda512 at gmail.com  Sat Jan  3 06:38:33 2009
From: lambda512 at gmail.com (naw)
Date: Sat, 3 Jan 2009 13:38:33 +0100
Subject: [jdev] Show values of the Presence Message -> logout
In-Reply-To: <551372200.20090102172611@gmail.com>
References: <564746040.20090101184226@gmail.com>
	<200901022332.03903.lambda512@gmail.com>
	<551372200.20090102172611@gmail.com>
Message-ID: <200901031338.35340.lambda512@gmail.com>

El S?bado 03 Enero 2009, jlist9 at gmail.com escribi?:
> >> Thanks for your reply. I've added that but it doesn't seem to
> >> solve my problem. What I'm trying to do is to log in with the
> >> same user twice but bind to different resources. And I'd like
> >> any of the two instances notified when the other instance logs out.
> >>
> >> Do I need to explicitly subscribe to the other instances's presence
> >> stanzas?
> >
> > When I'm on "Home" and "Psi" and I disconnect from "Home" I get:
> > <presence from="xxxx at jabberes.org/Home" type="unavailable"
> > to="xxxx at jabberes.org/Psi" />
> >
> > I don't remember to be subscribed explicitly to myself.
>
> Hmm. Maybe the servers don't behave the same way. I was experimenting
> with gtalk...

gtalk behaves in the same way
<presence from="xxxx at gmail.com/HomeCF82D0B9" type="unavailable" 
to="xxxx at gmail.com" />

Did you get the roster (buddy list) from the server? If not, I think that you 
won't receive presence updates.

-- 

Jabber-ID: lambda512 at jabberes.org lambda512 at gmail.com


From tomek at xiaoka.com  Sat Jan  3 07:38:07 2009
From: tomek at xiaoka.com (Tomasz Sterna)
Date: Sat, 03 Jan 2009 14:38:07 +0100
Subject: [jdev] Show values of the Presence Message -> logout
In-Reply-To: <200901022332.03903.lambda512@gmail.com>
References: <564746040.20090101184226@gmail.com>
	<495DD0C0.3080409@uaznia.net> <1729456589.20090102134901@gmail.com>
	<200901022332.03903.lambda512@gmail.com>
Message-ID: <1230989887.5199.9.camel@wing>

Dnia 2009-01-02, pi? o godzinie 23:32 +0100, naw pisze:
> When I'm on "Home" and "Psi" and I disconnect from "Home" I get:
> <presence from="xxxx at jabberes.org/Home" type="unavailable" 
> to="xxxx at jabberes.org/Psi" /> 
> 
> I don't remember to be subscribed explicitly to myself.

Why don't you just make the effort and read XMPP-IM RFC?

http://xmpp.org/internet-drafts/draft-saintandre-rfc3921bis-07.html#presence-broadcast-outbound
"The user's server MUST also send the presence stanza to all of the
user's available resources (including the resource that generated the
presence notification in the first place)."

-- 




From stpeter at stpeter.im  Tue Jan  6 15:33:17 2009
From: stpeter at stpeter.im (Peter Saint-Andre)
Date: Tue, 06 Jan 2009 14:33:17 -0700
Subject: [jdev] FOSDEM update
Message-ID: <4963CE1D.2000200@stpeter.im>

In its weekly meeting just now, the XSF Board of Directors decided on
the following schedule for the FOSDEM weekend (to discuss further,
please join the summit at xmpp.org list, which you can do via the web at
<http://mail.jabber.org/mailman/listinfo/summit>)....

***

Friday, February 6

A Jingle hackfest for developers who wish to code and test their
implemenations of Jingle, primarily at this point for voice and video.

Saturday, February 7

Public talks and tutorials for larger audiences at FOSDEM (we have a
"devroom" from noon to 6 PM); if you are interested in presenting a talk
or tutorial, please contact Peter Saint-Andre.

Sunday, February 8

Developers are free to attend the second day of the FOSDEM conference.
We'll need help manning the booth and attending talks to spread the word
about XMPP. Also expect many interesting "hallway" discussions and
continued hacking in the background.

Monday, February 9

The "summit" itself: Intensive discussions among core XMPP developers to
solve pressing problems in the XMPP "protocol stack"; the main topics
will probably be mobile optimizations, file transfer, and end-to-end
encryption as recently prioritized by the XMPP Council.

***

See you in Brussels!

/psa


From jlist9 at gmail.com  Thu Jan  8 15:30:00 2009
From: jlist9 at gmail.com (jlist9 at gmail.com)
Date: Thu, 8 Jan 2009 13:30:00 -0800
Subject: [jdev] Smack API and jabber.org
Message-ID: <728707467.20090108133000@gmail.com>

Hello all,

Has anyone tried using jivesoftware's Smack API to access
jabber.org? I tried some sample code on their forum but I was
getting an error. The same code (with the slight difference of
using a full email address) works fine for talk.google.com.

Or, has anyone tried any java XMPP library with success?


The error:

SASL authentication failed using mechanism PLAIN:
        at org.jivesoftware.smack.SASLAuthentication.authenticate(SASLAuthentication.java:325)
        at org.jivesoftware.smack.XMPPConnection.login(XMPPConnection.java:395)
        at com.gn.xmpp.XmppTest.main(XmppTest.java:40)

The sample code:

ConnectionConfiguration cc = new ConnectionConfiguration("jabber.org", 5222, "jabber.org");
XMPPConnection connection = new XMPPConnection(cc);
try {
     connection.connect();
     SASLAuthentication.supportSASLMechanism("PLAIN", 0);
     connection.login("your.jabber", "password", "resource");
     System.out.println(connection.isAuthenticated());
} catch (XMPPException e1) {
     e1.printStackTrace();
}

-- 
Best regards,
Jack



From mwild1 at gmail.com  Thu Jan  8 19:34:25 2009
From: mwild1 at gmail.com (Matthew Wild)
Date: Fri, 9 Jan 2009 01:34:25 +0000
Subject: [jdev] Smack API and jabber.org
In-Reply-To: <728707467.20090108133000@gmail.com>
References: <728707467.20090108133000@gmail.com>
Message-ID: <4db9cacb0901081734n4a520feeo9d85d4b7ed831739@mail.gmail.com>

On Thu, Jan 8, 2009 at 9:30 PM,  <jlist9 at gmail.com> wrote:
>     connection.login("your.jabber", "password", "resource");

Just a shot in the dark since I don't know smack, but have you tried
putting the full bare JID here, instead of just the username?

Failing that, capture the XML being sent to the server and verify that
the base64'd login credentials are correct.

Matthew.


From sumedha.r at gmail.com  Thu Jan  8 20:42:27 2009
From: sumedha.r at gmail.com (sumedha rubasinghe)
Date: Fri, 9 Jan 2009 08:12:27 +0530
Subject: [jdev] Smack API and jabber.org
In-Reply-To: <728707467.20090108133000@gmail.com>
References: <728707467.20090108133000@gmail.com>
Message-ID: <358531180901081842w118e8f6j81118360d6f51e4@mail.gmail.com>

Hi,
I have following code block & it works.
/sumedha

xmppConnection = new XMPPConnection(serverCredentials.getServerUrl());
try {
	xmppConnection.connect();
} catch (XMPPException e) {
      log.error("Failed to connect to server
:"+serverCredentials.getServerUrl(), e);
}
//Pause for a small time before trying to login.
//This prevents random ssl exception from Smack API
try {
	Thread.sleep(100);
} catch (InterruptedException e5) {
	log.debug("Sleep interrupted ",e5);
}

if(xmppConnection.isConnected()){
	if(! xmppConnection.isAuthenticated()){
	try {
		xmppConnection.login(serverCredentials.getAccountName()+"@"+
					serverCredentials.getServerUrl(),
					serverCredentials.getPassword(),
					serverCredentials.getResource(),
					true);
	} catch (XMPPException e) {
		try {
			log.error("Login failed for "
					+serverCredentials.getAccountName()
					+"@"+serverCredentials.getServerUrl()
					+".Retrying in 2 secs",e);
			Thread.sleep(2000);
			xmppConnection.login(serverCredentials.getAccountName()+"@"+
					serverCredentials.getServerUrl(),
    				        serverCredentials.getPassword(),
					serverCredentials.getResource(),
					true);
			} catch (InterruptedException e1) {
				log.error("Sleep interrupted.",e1);
			} catch (XMPPException e2) {
				log.error("Login failed for : "+serverCredentials.getAccountName()
						+"@"+serverCredentials.getServerUrl(),e2);
				throw new AxisFault("Login failed for : "+serverCredentials.getAccountName()
						+"@"+serverCredentials.getServerUrl());
			}
		}
	        //Listen for Message type packets from specified server url
		//packetFilter = new AndFilter(new PacketTypeFilter(Message.class),
		//		new FromContainsFilter(serverCredentials.getServerUrl()));
		packetFilter = new FromContainsFilter(serverCredentials.getServerUrl());					
	}
}					





On Fri, Jan 9, 2009 at 3:00 AM,  <jlist9 at gmail.com> wrote:
> Hello all,
>
> Has anyone tried using jivesoftware's Smack API to access
> jabber.org? I tried some sample code on their forum but I was
> getting an error. The same code (with the slight difference of
> using a full email address) works fine for talk.google.com.
>
> Or, has anyone tried any java XMPP library with success?
>
>
> The error:
>
> SASL authentication failed using mechanism PLAIN:
>        at org.jivesoftware.smack.SASLAuthentication.authenticate(SASLAuthentication.java:325)
>        at org.jivesoftware.smack.XMPPConnection.login(XMPPConnection.java:395)
>        at com.gn.xmpp.XmppTest.main(XmppTest.java:40)
>
> The sample code:
>
> ConnectionConfiguration cc = new ConnectionConfiguration("jabber.org", 5222, "jabber.org");
> XMPPConnection connection = new XMPPConnection(cc);
> try {
>     connection.connect();
>     SASLAuthentication.supportSASLMechanism("PLAIN", 0);
>     connection.login("your.jabber", "password", "resource");
>     System.out.println(connection.isAuthenticated());
> } catch (XMPPException e1) {
>     e1.printStackTrace();
> }
>
> --
> Best regards,
> Jack
>
> _______________________________________________
> JDev mailing list
> FAQ: http://www.jabber.org/discussion-lists/jdev-faq
> Forum: http://www.jabberforum.org/forumdisplay.php?f=20
> Info: http://mail.jabber.org/mailman/listinfo/jdev
> Unsubscribe: JDev-unsubscribe at jabber.org
> _______________________________________________
>


From jlist9 at gmail.com  Thu Jan  8 22:38:59 2009
From: jlist9 at gmail.com (jlist9 at gmail.com)
Date: Thu, 8 Jan 2009 20:38:59 -0800
Subject: [jdev] Smack API and jabber.org
In-Reply-To: <358531180901081842w118e8f6j81118360d6f51e4@mail.gmail.com>
References: <728707467.20090108133000@gmail.com>
	<358531180901081842w118e8f6j81118360d6f51e4@mail.gmail.com>
Message-ID: <102526468.20090108203859@gmail.com>

Thanks sumedha. It looks like you are not using the latest version
of Smack (3.1.0 beta), since the XMPPConnection class of this version
doesn't have a login(String, String, String, boolean) function.
It's login(String, String, String) instead.

But if it works, I wonder if it's possible for me to get the jar files
from you? I'd like to give that version a try.

Thursday, January 8, 2009, 6:42:27 PM, you wrote:

> Hi,
> I have following code block & it works.
> /sumedha

> xmppConnection = new
> XMPPConnection(serverCredentials.getServerUrl());
> try {
> 	xmppConnection.connect();
> } catch (XMPPException e) {
>       log.error("Failed to connect to server
> :"+serverCredentials.getServerUrl(), e);
> }
> //Pause for a small time before trying to login.
> //This prevents random ssl exception from Smack API
> try {
> 	Thread.sleep(100);
> } catch (InterruptedException e5) {
> 	log.debug("Sleep interrupted ",e5);
> }

> if(xmppConnection.isConnected()){
> 	if(! xmppConnection.isAuthenticated()){
> 	try {
> 		xmppConnection.login(serverCredentials.getAccountName()+"@"+
> 					serverCredentials.getServerUrl(),
> 					serverCredentials.getPassword(),
> 					serverCredentials.getResource(),
> 					true);
> 	} catch (XMPPException e) {
> 		try {
> 			log.error("Login failed for "
> 					+serverCredentials.getAccountName()
> 					+"@"+serverCredentials.getServerUrl()
> 					+".Retrying in 2 secs",e);
> 			Thread.sleep(2000);
> 			xmppConnection.login(serverCredentials.getAccountName()+"@"+
> 					serverCredentials.getServerUrl(),
>     				        serverCredentials.getPassword(),
> 					serverCredentials.getResource(),
> 					true);
> 			} catch (InterruptedException e1) {
> 				log.error("Sleep interrupted.",e1);
> 			} catch (XMPPException e2) {
> 				log.error("Login failed for :
> "+serverCredentials.getAccountName()
> 						+"@"+serverCredentials.getServerUrl(),e2);
> 				throw new AxisFault("Login failed for :
> "+serverCredentials.getAccountName()
> 						+"@"+serverCredentials.getServerUrl());
> 			}
> 		}
> 	        //Listen for Message type packets from specified server url
> 		//packetFilter = new AndFilter(new PacketTypeFilter(Message.class),
> 		//		new FromContainsFilter(serverCredentials.getServerUrl()));
> 		packetFilter = new
> FromContainsFilter(serverCredentials.getServerUrl());					
> 	}
> }					





> On Fri, Jan 9, 2009 at 3:00 AM,  <jlist9 at gmail.com> wrote:
>> Hello all,
>>
>> Has anyone tried using jivesoftware's Smack API to access
>> jabber.org? I tried some sample code on their forum but I was
>> getting an error. The same code (with the slight difference of
>> using a full email address) works fine for talk.google.com.
>>
>> Or, has anyone tried any java XMPP library with success?
>>
>>
>> The error:
>>
>> SASL authentication failed using mechanism PLAIN:
>>        at
>> org.jivesoftware.smack.SASLAuthentication.authenticate(SASLAuthentication.java:325)
>>        at
>> org.jivesoftware.smack.XMPPConnection.login(XMPPConnection.java:395)
>>        at com.gn.xmpp.XmppTest.main(XmppTest.java:40)
>>
>> The sample code:
>>
>> ConnectionConfiguration cc = new
>> ConnectionConfiguration("jabber.org", 5222, "jabber.org");
>> XMPPConnection connection = new XMPPConnection(cc);
>> try {
>>     connection.connect();
>>     SASLAuthentication.supportSASLMechanism("PLAIN", 0);
>>     connection.login("your.jabber", "password", "resource");
>>     System.out.println(connection.isAuthenticated());
>> } catch (XMPPException e1) {
>>     e1.printStackTrace();
>> }




From sumedha.r at gmail.com  Thu Jan  8 23:37:52 2009
From: sumedha.r at gmail.com (sumedha rubasinghe)
Date: Fri, 9 Jan 2009 11:07:52 +0530
Subject: [jdev] Smack API and jabber.org
In-Reply-To: <1979015996.20090108212208@gmail.com>
References: <728707467.20090108133000@gmail.com>
	<358531180901081842w118e8f6j81118360d6f51e4@mail.gmail.com>
	<102526468.20090108203859@gmail.com>
	<358531180901082117g3a1b7680k79e0f41b4e7cd186@mail.gmail.com>
	<1979015996.20090108212208@gmail.com>
Message-ID: <358531180901082137q6234cf51i838f452f396edf9@mail.gmail.com>

Hi,
You can download it from here[1].
wonder why old distributions are not available... Even I could not
find it on their site. :-)

/sumedha
http://sumedha.blogspot.com

[1] http://ws.zones.apache.org/repository2/org/igniterealtime/



On Fri, Jan 9, 2009 at 10:52 AM,  <jlist9 at gmail.com> wrote:
> Would it be possible for you to email me the two jar files?
> Their site doesn't seem to provide downloads for earlier versions :(
> I'd appreciate it.
>
>> Your correct, I am using Smack 3.0.4. (Downloadable from smack site)
>
>> /sumedha
>
>
>> On Fri, Jan 9, 2009 at 10:08 AM,  <jlist9 at gmail.com> wrote:
>>> Thanks sumedha. It looks like you are not using the latest version
>>> of Smack (3.1.0 beta), since the XMPPConnection class of this version
>>> doesn't have a login(String, String, String, boolean) function.
>>> It's login(String, String, String) instead.
>>>
>>> But if it works, I wonder if it's possible for me to get the jar files
>>> from you? I'd like to give that version a try.
>
>
>


From jlist9 at gmail.com  Fri Jan  9 00:33:52 2009
From: jlist9 at gmail.com (jlist9 at gmail.com)
Date: Thu, 8 Jan 2009 22:33:52 -0800
Subject: [jdev] Smack API and jabber.org
In-Reply-To: <358531180901082137q6234cf51i838f452f396edf9@mail.gmail.com>
References: <728707467.20090108133000@gmail.com>
	<358531180901081842w118e8f6j81118360d6f51e4@mail.gmail.com>
	<102526468.20090108203859@gmail.com>
	<358531180901082117g3a1b7680k79e0f41b4e7cd186@mail.gmail.com>
	<1979015996.20090108212208@gmail.com>
	<358531180901082137q6234cf51i838f452f396edf9@mail.gmail.com>
Message-ID: <491441170.20090108223352@gmail.com>

Thanks sumedha!

> You can download it from here[1].
> wonder why old distributions are not available... Even I could not
> find it on their site. :-)

> /sumedha
> http://sumedha.blogspot.com

> [1] http://ws.zones.apache.org/repository2/org/igniterealtime/




From Jehan.3lqu8n at no-mx.jabberforum.org  Fri Jan  9 05:27:31 2009
From: Jehan.3lqu8n at no-mx.jabberforum.org (Jehan)
Date: Fri, 9 Jan 2009 12:27:31 +0100
Subject: [jdev] out of scope: Quakelive would use XMPP
Message-ID: <Jehan.3lqu8n@no-mx.jabberforum.org>


Hi all,

I don't know exactly where to post this info, so sorry because it is a
little out of scope in jdev. But I am forwarding a message read from a
Linux community french website:
https://linuxfr.org/~Skateinmars/27735.html

Apparently the QuakeLive game ( http://www.quakelive.com/noflash.html )
would use XMPP as the guy reported that during a game launch, he can
read "Waiting on XMPP Authentication". Then he could find this email
from an idsoftware dev which seems to corroborate the XMPP hypothesis:
https://mailman.ik.nu/pipermail/twisted-jabber/2008-May/000149.html

Now even games from big companies are using XMPP! Nice, isn't it?

Jehan


-- 
Jehan
------------------------------------------------------------------------
Jehan's Profile: http://www.jabberforum.org/member.php?userid=16911
View this thread: http://www.jabberforum.org/showthread.php?t=1310



From gnauck at ag-software.de  Fri Jan  9 13:15:18 2009
From: gnauck at ag-software.de (Alexander Gnauck)
Date: Fri, 09 Jan 2009 20:15:18 +0100
Subject: [jdev] XSF membership application period Q1/2009
Message-ID: <4967A246.9060603@ag-software.de>

The XMPP Standards Foundation (XSF) is currently holding its quarterly 
membership application period:
http://wiki.xmpp.org/web/Membership_Applications_January_2009

Applications are encouraged from developers and others who are actively 
involved in the Jabber/XMPP community. To apply, create a page about 
yourself on the wiki.

If you don't have a wiki account, send your name, preferred nickname and 
email address to me or one of the other Sysops:
http://wiki.xmpp.org/index.php/Sysops

The application period ends on 26th January 2009 23:59h UTC, so apply today!

Thanks,
Alex


From kamanashisroy at gmail.com  Sat Jan 10 11:25:45 2009
From: kamanashisroy at gmail.com (Kamanashis Roy Shuva)
Date: Sat, 10 Jan 2009 23:25:45 +0600
Subject: [jdev] XSF membership application period Q1/2009
In-Reply-To: <4967A246.9060603@ag-software.de>
References: <4967A246.9060603@ag-software.de>
Message-ID: <ce35fdf10901100925q113c0ac8i568c8ca10ca86ff1@mail.gmail.com>

Hi,

  I am Kamanashis Roy, my nick name is Shuva .. I wish to be a member of
this wiki.

  I wish to talk about the best data exchange, document exchange and
rendering techniques available here, for example,
http://xmpp.org/extensions/xep-0004.html,
http://xmpp.org/extensions/xep-0071.html and some upcoming portocols if
available. Surely I need some discussion and help about that. And I like to
implement those things in MiniIM.

-- 
-- Sharp blade clean shield

Kamanashis Roy
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.jabber.org/pipermail/jdev/attachments/20090110/7c3f6b79/attachment-0002.htm>

From mwild1 at gmail.com  Sat Jan 10 11:55:09 2009
From: mwild1 at gmail.com (Matthew Wild)
Date: Sat, 10 Jan 2009 17:55:09 +0000
Subject: [jdev] XSF membership application period Q1/2009
In-Reply-To: <ce35fdf10901100925q113c0ac8i568c8ca10ca86ff1@mail.gmail.com>
References: <4967A246.9060603@ag-software.de>
	<ce35fdf10901100925q113c0ac8i568c8ca10ca86ff1@mail.gmail.com>
Message-ID: <4db9cacb0901100955t2b5d2a4dp12ef3b8d215c05f9@mail.gmail.com>

On Sat, Jan 10, 2009 at 5:25 PM, Kamanashis Roy Shuva
<kamanashisroy at gmail.com> wrote:
> Hi,
>
>   I am Kamanashis Roy, my nick name is Shuva .. I wish to be a member of
> this wiki.
>

You should have just received an email with your account details, let
me know if there are any problems :)

Matthew.


From kamanashisroy at gmail.com  Sun Jan 11 11:14:22 2009
From: kamanashisroy at gmail.com (Kamanashis Roy Shuva)
Date: Sun, 11 Jan 2009 23:14:22 +0600
Subject: [jdev] XSF membership application period Q1/2009
In-Reply-To: <4db9cacb0901100955t2b5d2a4dp12ef3b8d215c05f9@mail.gmail.com>
References: <4967A246.9060603@ag-software.de>
	<ce35fdf10901100925q113c0ac8i568c8ca10ca86ff1@mail.gmail.com>
	<4db9cacb0901100955t2b5d2a4dp12ef3b8d215c05f9@mail.gmail.com>
Message-ID: <ce35fdf10901110914r407a242o4f771f22a69f7637@mail.gmail.com>

Hi,

  Thanks for your reply. I already have an account as
kamanashisroy at jabber.org . I am little confused with that. Should I use the
same account ? or is it possible to use the same ? If it is, then I like to
use that.

-- 
-- Sharp blade clean shield

Kamanashis Roy
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.jabber.org/pipermail/jdev/attachments/20090111/ea0e8e7c/attachment-0002.htm>

From mwild1 at gmail.com  Sun Jan 11 11:50:14 2009
From: mwild1 at gmail.com (Matthew Wild)
Date: Sun, 11 Jan 2009 17:50:14 +0000
Subject: [jdev] XSF membership application period Q1/2009
In-Reply-To: <ce35fdf10901110914r407a242o4f771f22a69f7637@mail.gmail.com>
References: <4967A246.9060603@ag-software.de>
	<ce35fdf10901100925q113c0ac8i568c8ca10ca86ff1@mail.gmail.com>
	<4db9cacb0901100955t2b5d2a4dp12ef3b8d215c05f9@mail.gmail.com>
	<ce35fdf10901110914r407a242o4f771f22a69f7637@mail.gmail.com>
Message-ID: <4db9cacb0901110950n62200c70x7235d369eb732ab@mail.gmail.com>

On Sun, Jan 11, 2009 at 5:14 PM, Kamanashis Roy Shuva
<kamanashisroy at gmail.com> wrote:
> Hi,
>
>   Thanks for your reply. I already have an account as
> kamanashisroy at jabber.org . I am little confused with that. Should I use the
> same account ? or is it possible to use the same ? If it is, then I like to
> use that.
>

If you are asking whether our wiki authentication can use XMPP
accounts I'm afraid that the answer is no. Wiki accounts are separate.

Matthew.


From stpeter at stpeter.im  Mon Jan 12 13:15:50 2009
From: stpeter at stpeter.im (Peter Saint-Andre)
Date: Mon, 12 Jan 2009 12:15:50 -0700
Subject: [jdev] Pidgin survey results
Message-ID: <496B96E6.9010601@stpeter.im>

Some interesting numbers here:

http://pidgin.im/survey/results/survey0summary.html

In particular, "Which of the following protocol types do you use?"
yields the following numbers:

MSN 	67%
Google	51%
ICQ 	44%
XMPP 	39%
Yahoo 	32%
AIM 	28%
IRC 	23%

Everything else is in the single digits.

/psa


From nathanfritz at gmail.com  Mon Jan 12 14:34:25 2009
From: nathanfritz at gmail.com (Nathan Fritz)
Date: Mon, 12 Jan 2009 12:34:25 -0800
Subject: [jdev] Pidgin survey results
In-Reply-To: <496B96E6.9010601@stpeter.im>
References: <496B96E6.9010601@stpeter.im>
Message-ID: <182eea400901121234i638cd234k431c536326033029@mail.gmail.com>

Too bad that Google and XMPP aren't combined.  They could have 90% people
using XMPP and not know it.  However, it's more likely that there's some
overlap there, and it's more like 70%.  It's hard to say.

On Mon, Jan 12, 2009 at 11:15 AM, Peter Saint-Andre <stpeter at stpeter.im>wrote:

> Some interesting numbers here:
>
> http://pidgin.im/survey/results/survey0summary.html
>
> In particular, "Which of the following protocol types do you use?"
> yields the following numbers:
>
> MSN     67%
> Google  51%
> ICQ     44%
> XMPP    39%
> Yahoo   32%
> AIM     28%
> IRC     23%
>
> Everything else is in the single digits.
>
> /psa
> _______________________________________________
> JDev mailing list
> FAQ: http://www.jabber.org/discussion-lists/jdev-faq
> Forum: http://www.jabberforum.org/forumdisplay.php?f=20
> Info: http://mail.jabber.org/mailman/listinfo/jdev
> Unsubscribe: JDev-unsubscribe at jabber.org
> _______________________________________________
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.jabber.org/pipermail/jdev/attachments/20090112/470f409b/attachment-0002.htm>

From justin-keyword-jabber.093179 at affinix.com  Mon Jan 12 18:47:49 2009
From: justin-keyword-jabber.093179 at affinix.com (Justin Karneges)
Date: Mon, 12 Jan 2009 16:47:49 -0800
Subject: [jdev] Pidgin survey results
In-Reply-To: <496B96E6.9010601@stpeter.im>
References: <496B96E6.9010601@stpeter.im>
Message-ID: <200901121647.49734.justin-keyword-jabber.093179@affinix.com>

On Monday 12 January 2009 11:15:50 Peter Saint-Andre wrote:
> Some interesting numbers here:
>
> http://pidgin.im/survey/results/survey0summary.html
>
> In particular, "Which of the following protocol types do you use?"
> yields the following numbers:
>
> MSN 	67%
> Google	51%
> ICQ 	44%
> XMPP 	39%
> Yahoo 	32%
> AIM 	28%
> IRC 	23%

In the survey, Linux was the most-used platform, and ICQ is ahead of both AIM 
and Yahoo.  So, there's clearly some geeky/regional bias.

However, it's good to know that among these types of users, XMPP ranks highly.

-Justin


From spike411.3lxvxz at no-mx.jabberforum.org  Tue Jan 13 00:48:01 2009
From: spike411.3lxvxz at no-mx.jabberforum.org (spike411)
Date: Tue, 13 Jan 2009 07:48:01 +0100
Subject: [jdev] Pidgin survey results
References: <496B96E6.9010601@stpeter.im>
Message-ID: <spike411.3lxvxz@no-mx.jabberforum.org>


You might also be interested in Adium results (from Sparkle
auto-update):

http://www.adiumx.com/sparkle/


-- 
spike411
------------------------------------------------------------------------
spike411's Profile: http://www.jabberforum.org/member.php?userid=17075
View this thread: http://www.jabberforum.org/showthread.php?t=1319



From gmsk19 at gmail.com  Tue Jan 13 01:27:52 2009
From: gmsk19 at gmail.com (shashi kiran)
Date: Tue, 13 Jan 2009 12:57:52 +0530
Subject: [jdev] Pidgin survey results
In-Reply-To: <spike411.3lxvxz@no-mx.jabberforum.org>
References: <496B96E6.9010601@stpeter.im>
	<spike411.3lxvxz@no-mx.jabberforum.org>
Message-ID: <84a4eed70901122327y7f05b6day4fef93f4862f41cc@mail.gmail.com>

I Agree with Nathan about combining XMPP and GoogleTalk Numbers. Yahoo is on
its way down.  Don't be surprised the if MSN usage goes down in next year's
poll not that it is bad protocol but the its just that XMPP is far more
convenient.

On Tue, Jan 13, 2009 at 12:18 PM, spike411 <
spike411.3lxvxz at no-mx.jabberforum.org> wrote:

>
> You might also be interested in Adium results (from Sparkle
> auto-update):
>
> http://www.adiumx.com/sparkle/
>
>
> --
> spike411
> ------------------------------------------------------------------------
> spike411's Profile: http://www.jabberforum.org/member.php?userid=17075
> View this thread: http://www.jabberforum.org/showthread.php?t=1319
>
> _______________________________________________
> JDev mailing list
> FAQ: http://www.jabber.org/discussion-lists/jdev-faq
> Forum: http://www.jabberforum.org/forumdisplay.php?f=20
> Info: http://mail.jabber.org/mailman/listinfo/jdev
> Unsubscribe: JDev-unsubscribe at jabber.org
> _______________________________________________
>



-- 
Regards
Shashi Kiran G M
Software Engineer
Geodesic Information Systems Pvt Ltd
(http://messenger.mundu.com)
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.jabber.org/pipermail/jdev/attachments/20090113/090201a3/attachment-0002.htm>

From remko at el-tramo.be  Tue Jan 13 01:54:52 2009
From: remko at el-tramo.be (=?UTF-8?Q?Remko_Tron=C3=A7on?=)
Date: Tue, 13 Jan 2009 08:54:52 +0100
Subject: [jdev] Pidgin survey results
In-Reply-To: <200901121647.49734.justin-keyword-jabber.093179@affinix.com>
References: <496B96E6.9010601@stpeter.im>
	<200901121647.49734.justin-keyword-jabber.093179@affinix.com>
Message-ID: <133fd4c60901122354l3d7bfb17mfad19e0b27040b20@mail.gmail.com>

> In the survey, Linux was the most-used platform, and ICQ is ahead of both AIM
> and Yahoo.  So, there's clearly some geeky/regional bias.

Exactly. Since Pidgin is mostly a Linux client, it attracts certain
crowds (although it might be shifting a little bit with Ubuntu).

The Adium results on the other hand are a lot more significant i
think. Most Mac users I know use Adium for their IM needs (so it's not
just a geek thing), and Mac users cover a big spectrum of users. And
the results indeed look more like expected: MSN and AIM way up there.
Google Talk is still quite high though, so that's cool.

cheers,
Remko


From richard at indigo3.net  Wed Jan 14 03:20:11 2009
From: richard at indigo3.net (Richard Smith)
Date: Wed, 14 Jan 2009 10:20:11 +0100
Subject: [jdev] Mixing Attribute Namespaces
Message-ID: <496DAE4B.5030807@indigo3.net>

Hello,

I've been having a think over the past few days and have been wondering if
applying namespaces on an attribute level is valid within XMPP, and if there
are any guidelines as to attribute specifications used.

What I'm pondering is while the following is valid XML, is it valid under XMPP?

<message
 to="..."
 from="..."
 xmlns:magicNS="urn:blah:etc"
 magicNS:attr1="..." >...

>From what I understand in RFC3920 this would be ok, however mildly confusing
etc.

Am I right in thinking that while this is valid, it's generally not good for
client understanding? Not that I care much in this context anyway since I'm
using XMPP as a transport protocol for something non-IM based, but it's
always good to know :)

-- 
Richard




From m at tthias.eu  Wed Jan 14 03:27:45 2009
From: m at tthias.eu (Matthias Wimmer)
Date: Wed, 14 Jan 2009 10:27:45 +0100
Subject: [jdev] Mixing Attribute Namespaces
In-Reply-To: <496DAE4B.5030807@indigo3.net>
References: <496DAE4B.5030807@indigo3.net>
Message-ID: <496DB011.2040409@tthias.eu>

Hi Richard,

Richard Smith schrieb:
> <message
>  to="..."
>  from="..."
>  xmlns:magicNS="urn:blah:etc"
>  magicNS:attr1="..." >...

Why should it be bad? I don't see why it should be forbidden neither do 
I see where it should cause harm.

You should just keep in mind, that

<message xmlns='jabber:client' to='...' from='...'>...
and
<foo:message xmlns='jabber:client' to='...' from='...'>...

are from the pure XML point of view the same as a 'normal' stanza 
without the xmlns attribute,

while

<message xmlns:foo='jabber:client' foo:to='...' foo:from='...'>...
and
<foo:message xmlns:foo='jabber:client' foo:to='...' foo:from='...'>...

are not equivalent to the above to stanzas. I.e. an attribute name 
without a prefix does not denote an attribute in the default namespace, 
but an attribute that belongs to the element.


Matthias

-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/x-pkcs7-signature
Size: 3271 bytes
Desc: S/MIME Cryptographic Signature
URL: <http://mail.jabber.org/pipermail/jdev/attachments/20090114/1ad81fc3/attachment-0002.bin>

From dave at cridland.net  Wed Jan 14 03:39:24 2009
From: dave at cridland.net (Dave Cridland)
Date: Wed, 14 Jan 2009 09:39:24 +0000
Subject: [jdev] Mixing Attribute Namespaces
In-Reply-To: <496DAE4B.5030807@indigo3.net>
References: <496DAE4B.5030807@indigo3.net>
Message-ID: <12062.1231925964.315880@peirce.dave.cridland.net>

On Wed Jan 14 09:20:11 2009, Richard Smith wrote:
> Hello,
> 
> I've been having a think over the past few days and have been  
> wondering if
> applying namespaces on an attribute level is valid within XMPP, and  
> if there
> are any guidelines as to attribute specifications used.
> 
> What I'm pondering is while the following is valid XML, is it valid  
> under XMPP?
> 
> <message
>  to="..."
>  from="..."
>  xmlns:magicNS="urn:blah:etc"
>  magicNS:attr1="..." >...
> 
> From what I understand in RFC3920 this would be ok, however mildly  
> confusing
> etc.
> 
> Am I right in thinking that while this is valid, it's generally not  
> good for
> client understanding? Not that I care much in this context anyway  
> since I'm
> using XMPP as a transport protocol for something non-IM based, but  
> it's
> always good to know :)

Strictly, I think this is valid, however I'm not convinced that all  
servers would pass it through - my understanding is that stanza-level  
attributes are essentially reserved for hop-by-hop work. I'm not sure  
that's a hard and fast rule, but it certainly fits my experience.

On the other hand, putting namespaced elements (or attributes) inside  
a stanza will get passed through for certain, as well as being more a  
more traditional extension technique.

Dave.
-- 
Dave Cridland - mailto:dave at cridland.net - xmpp:dwd at dave.cridland.net
  - acap://acap.dave.cridland.net/byowner/user/dwd/bookmarks/
  - http://dave.cridland.net/
Infotrope Polymer - ACAP, IMAP, ESMTP, and Lemonade


From tomek at xiaoka.com  Wed Jan 14 04:07:26 2009
From: tomek at xiaoka.com (Tomasz Sterna)
Date: Wed, 14 Jan 2009 11:07:26 +0100
Subject: [jdev] Mixing Attribute Namespaces
In-Reply-To: <496DAE4B.5030807@indigo3.net>
References: <496DAE4B.5030807@indigo3.net>
Message-ID: <1231927646.5718.83.camel@wing>

Dnia 2009-01-14, ?ro o godzinie 10:20 +0100, Richard Smith pisze:
> What I'm pondering is while the following is valid XML, is it valid
> under XMPP?
> 
> <message
>  to="..."
>  from="..."
>  xmlns:magicNS="urn:blah:etc"
>  magicNS:attr1="..." >...
> 
> >From what I understand in RFC3920 this would be ok, however mildly
> confusing
> etc.
> 
> Am I right in thinking that while this is valid, it's generally not
> good for
> client understanding? Not that I care much in this context anyway
> since I'm
> using XMPP as a transport protocol for something non-IM based, but
> it's
> always good to know :)

It is valid.

Historically (in pre-XMPP jabber network) most clients did not support
xmlns. This is why there are some strange restrictions applied on XMPP
streams.
But todays XMPP requires full xml namespace support, and IIRC GTalk uses
them extensively, so sooner or later all servers and clients would
support xmlns correctly.


-- 




From stpeter at stpeter.im  Wed Jan 14 11:29:18 2009
From: stpeter at stpeter.im (Peter Saint-Andre)
Date: Wed, 14 Jan 2009 10:29:18 -0700
Subject: [jdev] [Fwd: [Summit] logistics]
Message-ID: <496E20EE.7050806@stpeter.im>

FYI. Join the summit at xmpp.org list if you'll be at FOSDEM and want to
participate in any of these activities.

-------- Original Message --------
Subject: [Summit] logistics
Date: Wed, 14 Jan 2009 10:13:28 -0700
From: Peter Saint-Andre <stpeter at stpeter.im>
Reply-To: XMPP Summit <summit at xmpp.org>
To: summit at xmpp.org

The Jingle Thingle (Friday) and the XMPP Summit (Monday) will take place
at the Hotel Bedford:

http://www.hotelbedford.be/

Details here:

http://xmpp.org/summit/summit6.shtml

The rate for sleeping rooms seems quite reasonable at the Bedford. There
is a booking.com link at the Summit6 page. Room sharing is encouraged
and we can hook people up on this list.

Peter



From elmex at x-paste.de  Thu Jan 15 10:21:57 2009
From: elmex at x-paste.de (Robin Redeker)
Date: Thu, 15 Jan 2009 17:21:57 +0100
Subject: [jdev] GSSAPI and service hostname
Message-ID: <20090115162157.GA5746@elmex2>

Hi!


I've received a bugreport for my Perl module AnyEvent::XMPP recently,
that says that I should not pass the domain of the JID as service hostname
to SASL (and later the GSSAPI mechanism).

Then I've been trying to figure out how the JID is mapped to the service
hostname of the XMPP server for GSSAPI authentication, bringing me to the
conclusion that the RFC 3920 (bis) doesn't say much about the _hostname_
of the service.

So here my question to the broad mass of developers: How should I determine
the hostname of the service I'm authenticating with?

I also wonder which server supports GSSAPI mechanims, so that I can
test implementation.


Thanks,
   Robin

-- 
Robin Redeker                         | Deliantra, the free code+content MORPG
elmex at ta-sa.org / r.redeker at gmail.com | http://www.deliantra.net
http://www.ta-sa.org/                 |


From stpeter at stpeter.im  Thu Jan 15 10:51:30 2009
From: stpeter at stpeter.im (Peter Saint-Andre)
Date: Thu, 15 Jan 2009 09:51:30 -0700
Subject: [jdev] GSSAPI and service hostname
In-Reply-To: <20090115162157.GA5746@elmex2>
References: <20090115162157.GA5746@elmex2>
Message-ID: <496F6992.90604@stpeter.im>

Robin Redeker wrote:
> Hi!
> 
> 
> I've received a bugreport for my Perl module AnyEvent::XMPP recently,
> that says that I should not pass the domain of the JID as service hostname
> to SASL (and later the GSSAPI mechanism).
> 
> Then I've been trying to figure out how the JID is mapped to the service
> hostname of the XMPP server for GSSAPI authentication, bringing me to the
> conclusion that the RFC 3920 (bis) doesn't say much about the _hostname_
> of the service.

RFC 3920 (or rfc3920bis) doesn't get into the details of particular SASL
mechanisms. As far as I know, GSSAPI is the only SASL mechanism that
uses the service hostname -- the other mechanisms tend to accept only
the username portion of the JID (or a certificate that contains the JID).

> So here my question to the broad mass of developers: How should I determine
> the hostname of the service I'm authenticating with?

As we discussed in the jdev room yesterday, I think you would use the
machine-name that you discovered via SRV lookup:

http://logs.jabber.org/jdev at conference.jabber.org/2009-01-14.html#16:01:06

> I also wonder which server supports GSSAPI mechanims, so that I can
> test implementation.

It's not the most popular SASL mechanism because not that many
organizations deploy Kerberos.

Peter



From justin-keyword-jabber.093179 at affinix.com  Thu Jan 15 11:09:41 2009
From: justin-keyword-jabber.093179 at affinix.com (Justin Karneges)
Date: Thu, 15 Jan 2009 09:09:41 -0800
Subject: [jdev] GSSAPI and service hostname
In-Reply-To: <496F6992.90604@stpeter.im>
References: <20090115162157.GA5746@elmex2> <496F6992.90604@stpeter.im>
Message-ID: <200901150909.41545.justin-keyword-jabber.093179@affinix.com>

On Thursday 15 January 2009 08:51:30 Peter Saint-Andre wrote:
> As we discussed in the jdev room yesterday, I think you would use the
> machine-name that you discovered via SRV lookup:
>
> http://logs.jabber.org/jdev at conference.jabber.org/2009-01-14.html#16:01:06

Yes, this is the consensus.

There is, however, some worry about DNS-based attacks, since the connect host 
is derived insecurely through the SRV lookup.  One obvious but totally 
impractical fix is to use DNSSEC.  Another is to use XEP-233.  Yet another is 
to offer some explicit trust mechanisms in the client (e.g. a field where the 
user can type the connect host in advance, to mark as trusted).

-Justin


From stpeter at stpeter.im  Thu Jan 15 11:19:44 2009
From: stpeter at stpeter.im (Peter Saint-Andre)
Date: Thu, 15 Jan 2009 10:19:44 -0700
Subject: [jdev] GSSAPI and service hostname
In-Reply-To: <200901150909.41545.justin-keyword-jabber.093179@affinix.com>
References: <20090115162157.GA5746@elmex2> <496F6992.90604@stpeter.im>
	<200901150909.41545.justin-keyword-jabber.093179@affinix.com>
Message-ID: <496F7030.1070805@stpeter.im>

Justin Karneges wrote:
> On Thursday 15 January 2009 08:51:30 Peter Saint-Andre wrote:
>> As we discussed in the jdev room yesterday, I think you would use the
>> machine-name that you discovered via SRV lookup:
>>
>> http://logs.jabber.org/jdev at conference.jabber.org/2009-01-14.html#16:01:06
> 
> Yes, this is the consensus.
> 
> There is, however, some worry about DNS-based attacks, since the connect host 
> is derived insecurely through the SRV lookup.  

Correct.

> One obvious but totally 
> impractical fix is to use DNSSEC.  

DNSSEC is seeing more deployment, but it's taking a long time. I don't
know that I'd call it totally impractical, though.

> Another is to use XEP-233.  

AFAIK, no servers implement that yet, and in any case it was designed
for a slightly different use case (basically situations in which DNS SRV
results don't tell you the hostname of the connection manager you're
talking to because load balancers are in use).

> Yet another is 
> to offer some explicit trust mechanisms in the client (e.g. a field where the 
> user can type the connect host in advance, to mark as trusted).

Right. This is similar to how some clients handle such things now. See
rfc3920bis for details:

http://xmpp.org/internet-drafts/draft-saintandre-rfc3920bis-08.html#tcp-resolution

/psa


From linuxwolf at outer-planes.net  Thu Jan 15 12:02:24 2009
From: linuxwolf at outer-planes.net (Matthew A. Miller)
Date: Thu, 15 Jan 2009 11:02:24 -0700
Subject: [jdev] GSSAPI and service hostname
In-Reply-To: <496F7030.1070805@stpeter.im>
References: <20090115162157.GA5746@elmex2> <496F6992.90604@stpeter.im>
	<200901150909.41545.justin-keyword-jabber.093179@affinix.com>
	<496F7030.1070805@stpeter.im>
Message-ID: <AF11C7F2-627F-416D-9F89-F2B8A7A3F79B@outer-planes.net>

On Jan 15, 2009, at 10:19, Peter Saint-Andre wrote:
>> Another is to use XEP-233.
>
> AFAIK, no servers implement that yet, and in any case it was designed
> for a slightly different use case (basically situations in which DNS  
> SRV
> results don't tell you the hostname of the connection manager you're
> talking to because load balancers are in use).

Besides, XEP-233 isn't any more secure than the SRV lookup.

*  If you can't trust the name from the SRV lookup that sent you to  
this (possibly fake) server, why can you now trust the value provided  
via XEP-233 from that server?
*  If you trust the XEP-233 result because you've got a secure channel  
(STARTTLS) and trusted their certificate, then why can't you now trust  
the SRV result?

 From my own observations and experiences, Deployments involving  
GSSAPI require significant planning, and is almost always undertaken  
because of the organization's security policy.  I've not seen such a  
policy that mandating GSSAPI, but then ignored issues around network  
name resolution.

So back to the original poster:
My recommendation for your library would be to rely on the (FQDN of  
the) hostname used to establish the XMPP/TCP connection, but make sure  
you have a way to manually bypass DNS SRV for establishing said  
connection (i.e. explicit hostname for the socket connection).  If the  
users of the library are willing to trust the hostname enough to get  
to the point where authentication is attempted, then odds are they're  
willing (or rather, required) to trust that hostname in obtaining the  
service principal credentials.

--
Matthew A. Miller
linuxwolf at outer-planes.net




-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 2238 bytes
Desc: not available
URL: <http://mail.jabber.org/pipermail/jdev/attachments/20090115/cf8d5aaa/attachment-0002.bin>

From justin-keyword-jabber.093179 at affinix.com  Thu Jan 15 13:30:09 2009
From: justin-keyword-jabber.093179 at affinix.com (Justin Karneges)
Date: Thu, 15 Jan 2009 11:30:09 -0800
Subject: [jdev] GSSAPI and service hostname
In-Reply-To: <AF11C7F2-627F-416D-9F89-F2B8A7A3F79B@outer-planes.net>
References: <20090115162157.GA5746@elmex2> <496F7030.1070805@stpeter.im>
	<AF11C7F2-627F-416D-9F89-F2B8A7A3F79B@outer-planes.net>
Message-ID: <200901151130.09071.justin-keyword-jabber.093179@affinix.com>

On Thursday 15 January 2009 10:02:24 Matthew A. Miller wrote:
> Besides, XEP-233 isn't any more secure than the SRV lookup.
[...]
> *  If you trust the XEP-233 result because you've got a secure channel
> (STARTTLS) and trusted their certificate, then why can't you now trust
> the SRV result?

Hmm, this is an interesting question.

TLS validates the XMPP domain, not the connect host found in the SRV result.  
So an attacker could feed you an incorrect SRV result here, and then route 
your traffic (as-is, not attacking TLS) to the real XMPP server.  This would 
be enough for an attacker to cause you to use the wrong host in the Kerberos 
negotiation.

However, it's not clear to me if there is a real attack here.  With the wrong 
host, you may obtain a wrong Kerberos ticket but you'll attempt to use it 
with the "right" host which will result in a failed authentication (a DoS).  
Maybe if the "right" host has multiple host keys for the "xmpp" service, the 
attacker could cause you to successfully authenticate to the wrong XMPP host?  
Well, whether that attack is really a problem or not, at least XEP-233 does 
close it off.

-Justin


From sxw at inf.ed.ac.uk  Thu Jan 15 15:31:52 2009
From: sxw at inf.ed.ac.uk (Simon Wilkinson)
Date: Thu, 15 Jan 2009 21:31:52 +0000
Subject: [jdev] GSSAPI and service hostname
In-Reply-To: <496F7030.1070805@stpeter.im>
References: <20090115162157.GA5746@elmex2> <496F6992.90604@stpeter.im>
	<200901150909.41545.justin-keyword-jabber.093179@affinix.com>
	<496F7030.1070805@stpeter.im>
Message-ID: <9BF110DC-8D5D-4300-BD39-90C59C954F25@inf.ed.ac.uk>


On 15 Jan 2009, at 17:19, Peter Saint-Andre wrote:
>
> AFAIK, no servers implement that yet, and in any case it was designed
> for a slightly different use case (basically situations in which DNS  
> SRV
> results don't tell you the hostname of the connection manager you're
> talking to because load balancers are in use).

GSSAPI domain based names are specifically designed to deal with the  
problem where the connection host is derived through an insecure SRV  
lookup, so they're exactly the correct tool to use to resolve this  
issue. The problem is with knowing what the other end is prepared to  
accept. I suppose if you're using your own SASL implementation you  
could do a gss_init_sec_context() for the domain based name first, and  
if that fails, fall back to using the hostname you got through the SRV  
lookup.

Simon.



From tomek at xiaoka.com  Fri Jan 16 07:02:53 2009
From: tomek at xiaoka.com (Tomasz Sterna)
Date: Fri, 16 Jan 2009 14:02:53 +0100
Subject: [jdev] GSSAPI and service hostname
In-Reply-To: <20090115162157.GA5746@elmex2>
References: <20090115162157.GA5746@elmex2>
Message-ID: <1232110973.5169.8.camel@wing>

Dnia 2009-01-15, czw o godzinie 17:21 +0100, Robin Redeker pisze:
> I've received a bugreport for my Perl module AnyEvent::XMPP recently,
> that says that I should not pass the domain of the JID as service hostname
> to SASL (and later the GSSAPI mechanism).

I think you should.

It's server job to map the provided domain name to a specific hostname.
Just like it is server job to map the domain name to a realm, in case of
DIGEST-MD5.


> I also wonder which server supports GSSAPI mechanims, so that I can
> test implementation.

http://jabberd2.xiaoka.com/
Although its not tested much.

-- 




From sxw at inf.ed.ac.uk  Fri Jan 16 07:23:15 2009
From: sxw at inf.ed.ac.uk (Simon Wilkinson)
Date: Fri, 16 Jan 2009 13:23:15 +0000
Subject: [jdev] GSSAPI and service hostname
In-Reply-To: <1232110973.5169.8.camel@wing>
References: <20090115162157.GA5746@elmex2> <1232110973.5169.8.camel@wing>
Message-ID: <E8C194DC-6261-461D-9524-94BBE85A6253@inf.ed.ac.uk>


On 16 Jan 2009, at 13:02, Tomasz Sterna wrote:

> Dnia 2009-01-15, czw o godzinie 17:21 +0100, Robin Redeker pisze:
>> I've received a bugreport for my Perl module AnyEvent::XMPP recently,
>> that says that I should not pass the domain of the JID as service  
>> hostname
>> to SASL (and later the GSSAPI mechanism).
>
> I think you should.

Not with GSSAPI, and not if you want to be compatible with anyone else.

The GSSAPI SASL mechanism needs to know the service hostname so it can  
talk construct a request for the correct service principal to the KDC.  
It has to know a hostname, because that's the way that Kerberos has  
traditionally worked - a service principal contains the name of the  
host running the service, not of the domain that the service is being  
run for. This has been discussed a number of times on the jdev list,  
and within the Kerberos community, and those of us who have  
implemented XMPP clients and servers supporting GSSAPI have come to  
the consensus that this is the current correct behaviour.

In the longer term, as I noted in a previous post, domain based names  
are the way forwards. This is going to definitely require changes to  
the common SASL APIs, and possibly to the SASL GSSAPI wire  
specification (although 'GSSAPI' which we're all still using has  
already been superceded by GS2)

> It's server job to map the provided domain name to a specific  
> hostname.
> Just like it is server job to map the domain name to a realm, in  
> case of
> DIGEST-MD5.

The server can't do this in a way that's safe - bear in mind that with  
Kerberos, it's the client side that needs to know who it's talking to  
- it's not a case of mapping incoming connections into an  
authentication realm (in the way that DIGEST-MD5 does). Allowing the  
client to ask the server 'who are you today?' immediately opens the  
way for MITM attacks, and defeats the whole point of using GSSAPI in  
the first place.

>> I also wonder which server supports GSSAPI mechanims, so that I can
>> test implementation.
>
> http://jabberd2.xiaoka.com/
> Although its not tested much.

We're using a version of jabberd2 with Cyrus SASL to provide GSSAPI  
support. It works well for us, and is what most of the client GSSAPI  
support (Pidgin, Adium, etc) which I wrote was originally tested  
against, but it's not what's currently being distributed. Openfire has  
a GSSAPI implementation that libpurple's code has been tested against  
that a number of big Kerberos users are using in production. I believe  
there are also patches for Kerberos support in ejabberd, but I'm not  
sure if they've been integrated, and I'm not aware of any  
interoperability testing that has been done.

Cheers,

Simon.



From julien.genestoux at gmail.com  Sat Jan 17 15:46:26 2009
From: julien.genestoux at gmail.com (Julien Genestoux)
Date: Sat, 17 Jan 2009 13:46:26 -0800
Subject: [jdev] XMPP Meetup in San Francisco
Message-ID: <26c0cf900901171346qae8acfcx686b8aa4497256dd@mail.gmail.com>

Hey!

First : Happy New Year! May it be yet another year of great growth for the
XMPP Community!

I just wanted to let you guys know that we're organizing the first XMPP
Meetup in San Francisco, CA on February 18th, right after XMPP Summit.

Feel free to join us: http://bit.ly/xmpp_sf
Also, we're looking for speakers/topics, so feel free to suggest anything
you'd like to see covered at is event.

Thanks a lot!

Julien

PS: please let me know if it's inapropriate to use this ML for this.

--
Julien Genestoux
http://www.ouvre-boite.com
http://blog.notifixio.us

+1 (415) 254 7340
+33 (0)9 70 44 76 29
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.jabber.org/pipermail/jdev/attachments/20090117/85ddce29/attachment-0001.htm>

From richard at indigo3.net  Sun Jan 25 10:06:19 2009
From: richard at indigo3.net (Richard Smith)
Date: Sun, 25 Jan 2009 17:06:19 +0100
Subject: [jdev] Scope of current RFC3920 SASL implementation
Message-ID: <497C8DFB.3080503@indigo3.net>

Hello!

I'm just putting some specs together for a project I'll be working on, 
and I was wondering...

XMPP RFC3290 specifies SASL namespaces and implementation within the 
scope of authenticating init-to-responder streams. Can this namespace be 
used at a lower level?

I've read through the SASL sections, and it doesn't actually say that 
the authentication scheme cannot be used in-band to communicate with a 
remote host?

The situation is that I'm got to build a client and component to do some 
notification magic. The 'client' part however might be on jabber.org, or 
another xmpp server entirely.

So, I know it's probably unsupported by most if not all the clients, but 
is it possible to re-use SASL namespaces to authenticate a user against 
a remote XMPP component using SASL?

-- 
Rich


From dmeyer at tzi.de  Sun Jan 25 11:23:51 2009
From: dmeyer at tzi.de (Dirk Meyer)
Date: Sun, 25 Jan 2009 18:23:51 +0100
Subject: [jdev] Scope of current RFC3920 SASL implementation
In-Reply-To: <497C8DFB.3080503@indigo3.net> (Richard Smith's message of "Sun\,
	25 Jan 2009 17\:06\:19 +0100")
References: <497C8DFB.3080503@indigo3.net>
Message-ID: <87mydf47vc.fsf@phex.sachmittel.de>

Richard Smith wrote:
> I've read through the SASL sections, and it doesn't actually say that 
> the authentication scheme cannot be used in-band to communicate with a 
> remote host?
>
> So, I know it's probably unsupported by most if not all the clients, but 
> is it possible to re-use SASL namespaces to authenticate a user against 
> a remote XMPP component using SASL?

Thinking of web services connected over XMPP, this sounds useful. Maybe
we can define some sort of SASL in IQ stanzas. But this will be an
insecure connection. Maybe you want to use E2E security in this use
case.


Dirk

-- 
This is Linux country. If you listen carefully, you can hear Windows
reboot...


From richard at indigo3.net  Sun Jan 25 11:29:24 2009
From: richard at indigo3.net (Richard Smith)
Date: Sun, 25 Jan 2009 18:29:24 +0100
Subject: [jdev] Scope of current RFC3920 SASL implementation
In-Reply-To: <87mydf47vc.fsf@phex.sachmittel.de>
References: <497C8DFB.3080503@indigo3.net> <87mydf47vc.fsf@phex.sachmittel.de>
Message-ID: <497CA174.7000101@indigo3.net>

Dirk Meyer wrote:
> Thinking of web services connected over XMPP, this sounds useful. Maybe
> we can define some sort of SASL in IQ stanzas. But this will be an
> insecure connection. Maybe you want to use E2E security in this use
> case.

E2E secures the transport... SASL in IQ stanzas would authenticate the 
user... This is my thinking at least...

-- 
Rich


From dmeyer at tzi.de  Sun Jan 25 12:30:39 2009
From: dmeyer at tzi.de (Dirk Meyer)
Date: Sun, 25 Jan 2009 19:30:39 +0100
Subject: [jdev] Scope of current RFC3920 SASL implementation
In-Reply-To: <497CA174.7000101@indigo3.net> (Richard Smith's message of "Sun\,
	25 Jan 2009 18\:29\:24 +0100")
References: <497C8DFB.3080503@indigo3.net> <87mydf47vc.fsf@phex.sachmittel.de>
	<497CA174.7000101@indigo3.net>
Message-ID: <87hc3n44s0.fsf@phex.sachmittel.de>

Richard Smith wrote:
> Dirk Meyer wrote:
>> Thinking of web services connected over XMPP, this sounds useful. Maybe
>> we can define some sort of SASL in IQ stanzas. But this will be an
>> insecure connection. Maybe you want to use E2E security in this use
>> case.
>
> E2E secures the transport... SASL in IQ stanzas would authenticate the 
> user... This is my thinking at least...

Yes, but if we need authentication to make the transport secure, we need
to know that there is no man-in-the-middle. I guess TLS-SRP would work
perfect for you: the user provides a password with SRP and the peer
provides a certificate the user can check. Based on that the channel
will be secure.

If you only do SASL, you can not be sure that someone changes the data
after the SASL authentication. Maybe you don't need to if you trust the
XMPP servers involved.


Dirk

-- 
panic("kmem_cache_init(): Offsets are wrong - I've been messed with!");
	2.2.16 /usr/src/linux/mm/slab.c


From tjulien at limewire.com  Sun Jan 25 15:03:12 2009
From: tjulien at limewire.com (Tim Julien)
Date: Sun, 25 Jan 2009 16:03:12 -0500
Subject: [jdev] facebook jabber?
Message-ID: <497CD390.4090701@limewire.com>

anyone heard any updates on this?

http://developers.facebook.com/news.php?blog=1&story=110

-Tim


From justin-keyword-jabber.093179 at affinix.com  Sun Jan 25 15:49:15 2009
From: justin-keyword-jabber.093179 at affinix.com (Justin Karneges)
Date: Sun, 25 Jan 2009 13:49:15 -0800
Subject: [jdev] Scope of current RFC3920 SASL implementation
In-Reply-To: <87hc3n44s0.fsf@phex.sachmittel.de>
References: <497C8DFB.3080503@indigo3.net> <497CA174.7000101@indigo3.net>
	<87hc3n44s0.fsf@phex.sachmittel.de>
Message-ID: <200901251349.15477.justin-keyword-jabber.093179@affinix.com>

On Sunday 25 January 2009 10:30:39 Dirk Meyer wrote:
> If you only do SASL, you can not be sure that someone changes the data
> after the SASL authentication. Maybe you don't need to if you trust the
> XMPP servers involved.

It depends on the SASL mechanism.  With DIGEST-MD5, for example, you can have 
a mutually authenticated session with integrity protection (and encryption).

I think our e2e proposal should promote TLS + SASL EXTERNAL as the common 
case, but we should not require TLS and we should allow any SASL mechanism.  
This way, someone could create a password-based service running at a JID.

-Justin


From justin-keyword-jabber.093179 at affinix.com  Sun Jan 25 16:10:28 2009
From: justin-keyword-jabber.093179 at affinix.com (Justin Karneges)
Date: Sun, 25 Jan 2009 14:10:28 -0800
Subject: [jdev] facebook jabber?
In-Reply-To: <497CD390.4090701@limewire.com>
References: <497CD390.4090701@limewire.com>
Message-ID: <200901251410.28336.justin-keyword-jabber.093179@affinix.com>

On Sunday 25 January 2009 13:03:12 Tim Julien wrote:
> anyone heard any updates on this?
>
> http://developers.facebook.com/news.php?blog=1&story=110

http://bugs.developers.facebook.com/show_bug.cgi?id=3152

The latest word as of November is: "some people are working on this.  it will 
probably be done in a few months.  sorry the timeline isn't more clear."


From Dean at cognation.net  Sun Jan 25 19:41:35 2009
From: Dean at cognation.net (Dean Collins)
Date: Sun, 25 Jan 2009 20:41:35 -0500
Subject: [jdev] facebook jabber?
In-Reply-To: <200901251410.28336.justin-keyword-jabber.093179@affinix.com>
References: <497CD390.4090701@limewire.com>
	<200901251410.28336.justin-keyword-jabber.093179@affinix.com>
Message-ID: <3685A8FD247FA94C957C4304AB386A041A1432@cognationsvr1.Cognation.local>

What are people planning on doing with this?

I've got some initial thoughts but apart from setting status (which is a
minor feature of my app at the very most) so am curious if I'm missing
something.


Regards,

Dean Collins
Cognation Inc
dean at cognation.net
+1-212-203-4357   New York
+61-2-9016-5642   (Sydney in-dial).
+44-20-3129-6001 (London in-dial).

> -----Original Message-----
> From: jdev-bounces at jabber.org [mailto:jdev-bounces at jabber.org] On
Behalf Of
> Justin Karneges
> Sent: Sunday, 25 January 2009 5:10 PM
> To: Jabber/XMPP software development list
> Subject: Re: [jdev] facebook jabber?
> 
> On Sunday 25 January 2009 13:03:12 Tim Julien wrote:
> > anyone heard any updates on this?
> >
> > http://developers.facebook.com/news.php?blog=1&story=110
> 
> http://bugs.developers.facebook.com/show_bug.cgi?id=3152
> 
> The latest word as of November is: "some people are working on this.
it will
> probably be done in a few months.  sorry the timeline isn't more
clear."
> _______________________________________________
> JDev mailing list
> Forum: http://www.jabberforum.org/forumdisplay.php?f=20
> Info: http://mail.jabber.org/mailman/listinfo/jdev
> Unsubscribe: JDev-unsubscribe at jabber.org
> _______________________________________________


From dmeyer at tzi.de  Mon Jan 26 03:40:54 2009
From: dmeyer at tzi.de (Dirk Meyer)
Date: Mon, 26 Jan 2009 10:40:54 +0100
Subject: [jdev] Scope of current RFC3920 SASL implementation
In-Reply-To: <200901251349.15477.justin-keyword-jabber.093179@affinix.com>
	(Justin Karneges's message of "Sun\,
	25 Jan 2009 13\:49\:15 -0800")
References: <497C8DFB.3080503@indigo3.net> <497CA174.7000101@indigo3.net>
	<87hc3n44s0.fsf@phex.sachmittel.de>
	<200901251349.15477.justin-keyword-jabber.093179@affinix.com>
Message-ID: <87bptu4d7d.fsf@phex.sachmittel.de>

Justin Karneges wrote:
> On Sunday 25 January 2009 10:30:39 Dirk Meyer wrote:
>> If you only do SASL, you can not be sure that someone changes the data
>> after the SASL authentication. Maybe you don't need to if you trust the
>> XMPP servers involved.
>
> It depends on the SASL mechanism.  With DIGEST-MD5, for example, you can have 
> a mutually authenticated session with integrity protection (and encryption).

I did not know that.

> I think our e2e proposal should promote TLS + SASL EXTERNAL as the common 
> case, but we should not require TLS and we should allow any SASL mechanism.  
> This way, someone could create a password-based service running at a JID.

It may get things more complicated, but agree, it should be
considered. This seems to be the logical choise for communicating with
external (web) services.


Dirk

-- 
The three most dangerous things are a programmer with a soldering iron,
a manager who codes, and a user who gets ideas.


From stpeter at stpeter.im  Mon Jan 26 15:25:16 2009
From: stpeter at stpeter.im (Peter Saint-Andre)
Date: Mon, 26 Jan 2009 14:25:16 -0700
Subject: [jdev] X.509 clientAuth and serverAuth bits in s2s TLS
Message-ID: <497E2A3C.9080000@stpeter.im>

[Please send follow-ups to the security at xmpp.org list.]

In certificates used for web servers, it is possible to set the
clientAuth and serverAuth bits in certs offered by a browser or a web
server (respectively).

Life is a little more complicated in XMPP because an XMPP server can act
as a TLS client for server-to-server (s2s) connections. That is, the
XMPP server that initiates the s2s connection acts as a TLS client and
the XMPP server that receives the s2s connection acts as a TLS server.
Therefore an XMPP server can act as either a TLS client or a TLS server.

My question is: do any XMPP server codebases (or the TLS libraries they
use) depend on inclusion of the clientAuth or serverAuth bits in order
to function properly? The problem I foresee is that an XMPP server might
fail on an attempt to encrypt an s2s connection if the cert presented by
the peer server does not include the clientAuth or serverAuth bit.

Thanks!

/psa


From stpeter at stpeter.im  Mon Jan 26 16:31:22 2009
From: stpeter at stpeter.im (Peter Saint-Andre)
Date: Mon, 26 Jan 2009 15:31:22 -0700
Subject: [jdev] Oracle Beehive
Message-ID: <497E39BA.6040208@stpeter.im>

It seems that Oracle's Beehive suite contains support for XMPP:

http://www.oracle.com/technology/products/beehive/platform.html

http://download.oracle.com/docs/cd/E13789_01/bh.100/e13791/xmpp.htm

Doe anyone on this list have experience with this software?

/psa




From mateusz.bilinski at gmail.com  Wed Jan 28 12:21:35 2009
From: mateusz.bilinski at gmail.com (=?ISO-8859-2?Q?Mateusz_Bili=F1ski?=)
Date: Wed, 28 Jan 2009 19:21:35 +0100
Subject: [jdev] SleekXMPP, XEP-0004, XEP-0050 and sender JabberID
Message-ID: <60278bef0901281021g40d4b422w2e89d42fe5d78996@mail.gmail.com>

Hi.
Has anybody used SleekXMPP [1] (or SleekBot [2]) to handle forms with
XEP-0004 [3] (+ XEP-0050 [4])?

My question is how to get JID of sender in command handler - the only
thing that it gets is 'form' and 'sessionid' (and none of this can
point out to full jid of sender).

If received XML was available in handler it would be easy to access
JabberID (code: xml.attrib['from']). Commands handling (and arguments
passing) is in file sleekxmpp/plugins/xep_0050.py).

I understand this question is pretty specific, but maybe someone had
similar problem. Kev? :>

[1] http://code.google.com/p/sleekxmpp/
[2] http://code.google.com/p/sleekbot/
[3] http://xmpp.org/extensions/xep-0004.html
[4] http://xmpp.org/extensions/xep-0050.html

-- 
Regards,
Mateusz Bili?ski (vArDo)


From remko at el-tramo.be  Wed Jan 28 13:41:01 2009
From: remko at el-tramo.be (=?UTF-8?Q?Remko_Tron=C3=A7on?=)
Date: Wed, 28 Jan 2009 20:41:01 +0100
Subject: [jdev] SleekXMPP, XEP-0004, XEP-0050 and sender JabberID
In-Reply-To: <60278bef0901281021g40d4b422w2e89d42fe5d78996@mail.gmail.com>
References: <60278bef0901281021g40d4b422w2e89d42fe5d78996@mail.gmail.com>
Message-ID: <133fd4c60901281141x6b100813l545cff6312da1f9a@mail.gmail.com>

> Has anybody used SleekXMPP [1] (or SleekBot [2]) to handle forms with
> XEP-0004 [3] (+ XEP-0050 [4])?

Yes, it's even used in the book ;-)

> My question is how to get JID of sender in command handler - the only
> thing that it gets is 'form' and 'sessionid' (and none of this can
> point out to full jid of sender).

self.xmpp.plugin['xep_0050'].sessions[sessionId]['jid']

cheers,
Remko


From dereulenspiegel.3mrymn at no-mx.jabberforum.org  Thu Jan 29 06:33:12 2009
From: dereulenspiegel.3mrymn at no-mx.jabberforum.org (dereulenspiegel)
Date: Thu, 29 Jan 2009 13:33:12 +0100
Subject: [jdev] XEP-0174 (Link-local) support in Smack
References: <b6ae9fe90811262338q28dcdf85qc72ee4c34847968@mail.gmail.com>
	<b6ae9fe90812240145h5b5d7e1bxfed73c2d60d3809@mail.gmail.com>
Message-ID: <dereulenspiegel.3mrymn@no-mx.jabberforum.org>


Does anyone has a copy of this git repo? I tried to clone it but this
fails. I also tried to apply the patch he posted on ignite forums but
this patch seems to need a modified version of jmdns. Or does anyone
have a completely build and functional version if this?


-- 
dereulenspiegel
------------------------------------------------------------------------
dereulenspiegel's Profile: http://www.jabberforum.org/member.php?userid=17410
View this thread: http://www.jabberforum.org/showthread.php?t=1140



From mateusz.bilinski at gmail.com  Thu Jan 29 18:24:10 2009
From: mateusz.bilinski at gmail.com (=?ISO-8859-2?Q?Mateusz_Bili=F1ski?=)
Date: Fri, 30 Jan 2009 01:24:10 +0100
Subject: [jdev] SleekXMPP, XEP-0004, XEP-0050 and sender JabberID
In-Reply-To: <133fd4c60901281141x6b100813l545cff6312da1f9a@mail.gmail.com>
References: <60278bef0901281021g40d4b422w2e89d42fe5d78996@mail.gmail.com>
	<133fd4c60901281141x6b100813l545cff6312da1f9a@mail.gmail.com>
Message-ID: <60278bef0901291624y5aff9f44uefd4d367294c9753@mail.gmail.com>

On Wed, Jan 28, 2009 at 20:41, Remko Tron?on <remko at el-tramo.be> wrote:
>> Has anybody used SleekXMPP [1] (or SleekBot [2]) to handle forms with
>> XEP-0004 [3] (+ XEP-0050 [4])?
>
> Yes, it's even used in the book ;-)

Great to hear that. It's a really nice lib IMHO. :)

>> My question is how to get JID of sender in command handler - the only thing
>> that it gets is 'form' and 'sessionid' (and none of this can point out to
>> full jid of sender).
>
> self.xmpp.plugin['xep_0050'].sessions[sessionId]['jid']

Unfortunately, this does not work for me. I get KeyError (no 'jid').

Here's what's in my self.bot.plugin['xep_0050'].sessions[sessionID]:

{'next':
    <bound method memberbot.votingHandler of
		 <plugins.memberbot.memberbot object at 0x339fa90>>,
 'past':
		[(<sleekxmpp.plugins.xep_0004.Form object at 0x33c9a10>, None)]}

Item at 'next' key is my command handler. At 'past' I have Form object from
which I cannot however JID (as stated in previous posts). I get these at
breakpoint in my handler method.

These values are set in xep_0050.handler_command (or
xep_0050.handler_command_next) in xep_0050.py plugin file.

I think I've pretty much investigated all surroundings of 'sessions'
dictionary and I cannot find sender JID.

I've checked out latest SleekXMPP version from SVN to see whether I don't have
some old version, but the code is pretty much the same in that file.

Maybe I'm missing something?

Of course, I could add code to above metioned xep_0050 methods (patching
SleekXMPP), like this one (to make your code work):

self.sessions[sessionid]['jid'] = xml.attrib['from']

However, I want to avoid changing libs code locally. Other approach would be
patch SleekXMPP officially - I don't have anything against it, but (once
again) maybe I'm missing something :)

-- 
Regards,
Mateusz Bili?ski


From remko at el-tramo.be  Fri Jan 30 01:34:33 2009
From: remko at el-tramo.be (=?UTF-8?Q?Remko_Tron=C3=A7on?=)
Date: Fri, 30 Jan 2009 08:34:33 +0100
Subject: [jdev] SleekXMPP, XEP-0004, XEP-0050 and sender JabberID
In-Reply-To: <60278bef0901291624y5aff9f44uefd4d367294c9753@mail.gmail.com>
References: <60278bef0901281021g40d4b422w2e89d42fe5d78996@mail.gmail.com>
	<133fd4c60901281141x6b100813l545cff6312da1f9a@mail.gmail.com>
	<60278bef0901291624y5aff9f44uefd4d367294c9753@mail.gmail.com>
Message-ID: <133fd4c60901292334x683201dfj93030f086c277d41@mail.gmail.com>

> I've checked out latest SleekXMPP version from SVN to see whether I don't have
> some old version, but the code is pretty much the same in that file.

Ah, we are currently working with the Seesmic branch
(svn://netflint.net/sleekxmpp/branches/seesmic/sleekxmpp), although
this one could be a little buggy for you. Maybe that branch has the
'jid', and the others don't?

FYI, Fritzy is going to consolidate the branches soon.

cheers,
Remko


From mateusz.bilinski at gmail.com  Fri Jan 30 06:56:57 2009
From: mateusz.bilinski at gmail.com (=?ISO-8859-2?Q?Mateusz_Bili=F1ski?=)
Date: Fri, 30 Jan 2009 13:56:57 +0100
Subject: [jdev] SleekXMPP, XEP-0004, XEP-0050 and sender JabberID
In-Reply-To: <133fd4c60901292334x683201dfj93030f086c277d41@mail.gmail.com>
References: <60278bef0901281021g40d4b422w2e89d42fe5d78996@mail.gmail.com>
	<133fd4c60901281141x6b100813l545cff6312da1f9a@mail.gmail.com>
	<60278bef0901291624y5aff9f44uefd4d367294c9753@mail.gmail.com>
	<133fd4c60901292334x683201dfj93030f086c277d41@mail.gmail.com>
Message-ID: <60278bef0901300456kb4eb7ebueb458bb3230f9e0a@mail.gmail.com>

On Fri, Jan 30, 2009 at 08:34, Remko Tron?on <remko at el-tramo.be> wrote:
>> I've checked out latest SleekXMPP version from SVN to see whether I don't have
>> some old version, but the code is pretty much the same in that file.
>
> Ah, we are currently working with the Seesmic branch
> (svn://netflint.net/sleekxmpp/branches/seesmic/sleekxmpp), although
> this one could be a little buggy for you. Maybe that branch has the
> 'jid', and the others don't?

Yeap, you're right. Case solved. In seesmic branch there's an
additional line xep_0050.py file:

self.sessions[sessionid]['jid'] = xml.get('from')

So it's pretty similar to what I've wanted to add.

I've used trunk instead of seesmic (I didn't even know that this was
the most active branch), because SleekBot used it as external
SleekXMPP repo in it's trunk. :)

> FYI, Fritzy is going to consolidate the branches soon.

Great to hear that. For now I'll probably add the mentioned line to my
code as it will probably stay in merged code.

Many thanks, Remko :)

-- 
Regards,
Mateusz Bili?ski


From jlist9 at gmail.com  Thu Jan  1 20:42:26 2009
From: jlist9 at gmail.com (jlist)
Date: Thu, 1 Jan 2009 18:42:26 -0800
Subject: [jdev] Show values of the Presence Message
Message-ID: <564746040.20090101184226@gmail.com>

Hi,
  
I wasn't able to find the definitions of dnd, chat, away, xa, "", etc.
dnd and away are easy to understand. I'm not sure about chat, xa or
none. Any pointers? Does "chat" mean actively chatting and none mean
available but not chatting? Or, is "chat" the normal status while none
means the user is logged out?

-- 
Thanks,
Jack



From stpeter at stpeter.im  Thu Jan  1 21:02:37 2009
From: stpeter at stpeter.im (Peter Saint-Andre)
Date: Thu, 1 Jan 2009 20:02:37 -0700
Subject: [jdev] Show values of the Presence Message
In-Reply-To: <564746040.20090101184226@gmail.com>
References: <564746040.20090101184226@gmail.com>
Message-ID: <20090102030237.GC25476@stpeter.im>

On Thu, Jan 01, 2009 at 06:42:26PM -0800, jlist wrote:

> I wasn't able to find the definitions of dnd, chat, away, xa, "", etc.

http://xmpp.org/internet-drafts/draft-saintandre-rfc3921bis-07.html#presence-show



From jlist9 at gmail.com  Thu Jan  1 21:33:06 2009
From: jlist9 at gmail.com (jlist)
Date: Thu, 1 Jan 2009 19:33:06 -0800
Subject: [jdev] Show values of the Presence Message
In-Reply-To: <20090102030237.GC25476@stpeter.im>
References: <564746040.20090101184226@gmail.com>
	<20090102030237.GC25476@stpeter.im>
Message-ID: <979943364.20090101193306@gmail.com>

Thanks Peter!

Thursday, January 1, 2009, 7:02:37 PM, you wrote:

> On Thu, Jan 01, 2009 at 06:42:26PM -0800, jlist wrote:

>> I wasn't able to find the definitions of dnd, chat, away, xa, "", etc.

> http://xmpp.org/internet-drafts/draft-saintandre-rfc3921bis-07.html#presence-show




From jlist9 at gmail.com  Thu Jan  1 23:13:17 2009
From: jlist9 at gmail.com (jlist)
Date: Thu, 1 Jan 2009 21:13:17 -0800
Subject: [jdev] Show values of the Presence Message
In-Reply-To: <20090102030237.GC25476@stpeter.im>
References: <564746040.20090101184226@gmail.com>
	<20090102030237.GC25476@stpeter.im>
Message-ID: <382317849.20090101211317@gmail.com>

Speaking of presence messages, is there a way to tell from these
messages (or by any other means) that a buddy has gone off-line?

>> I wasn't able to find the definitions of dnd, chat, away, xa, "", etc.

> http://xmpp.org/internet-drafts/draft-saintandre-rfc3921bis-07.html#presence-show




From richard at indigo3.net  Fri Jan  2 02:21:32 2009
From: richard at indigo3.net (Richard Smith)
Date: Fri, 02 Jan 2009 09:21:32 +0100
Subject: [jdev] scaling a component
In-Reply-To: <4946B50F.4060806@buddycloud.com>
References: <4946B50F.4060806@buddycloud.com>
Message-ID: <495DCE8C.4050909@indigo3.net>

Simon Tennant wrote:
> Any tips or pointers would be most useful.  (I'll push the queries about
> load balancing components between servers to the ejabberd mailing list.)

If you happen to be running ejabberd as your core xmpp server, then just 
initiate multiple connections per comonent domain.

ejabberd is quite clever at scaling.

-- 
Richard






From machekku at uaznia.net  Fri Jan  2 02:30:56 2009
From: machekku at uaznia.net (Maciek Niedzielski)
Date: Fri, 02 Jan 2009 09:30:56 +0100
Subject: [jdev] Show values of the Presence Message
In-Reply-To: <382317849.20090101211317@gmail.com>
References: <564746040.20090101184226@gmail.com>	<20090102030237.GC25476@stpeter.im>
	<382317849.20090101211317@gmail.com>
Message-ID: <495DD0C0.3080409@uaznia.net>

jlist wrote:
> Speaking of presence messages, is there a way to tell from these
> messages (or by any other means) that a buddy has gone off-line?

http://xmpp.org/internet-drafts/draft-saintandre-rfc3921bis-07.html#rfc.section.4.7.1

Basically, you send <presence type='unavailable'/>

-- 
Maciek
  xmpp:machekku at uaznia.net


From jlist9 at gmail.com  Fri Jan  2 15:49:01 2009
From: jlist9 at gmail.com (jlist9 at gmail.com)
Date: Fri, 2 Jan 2009 13:49:01 -0800
Subject: [jdev] Show values of the Presence Message -> logout
In-Reply-To: <495DD0C0.3080409@uaznia.net>
References: <564746040.20090101184226@gmail.com>
	<20090102030237.GC25476@stpeter.im>
	<382317849.20090101211317@gmail.com> <495DD0C0.3080409@uaznia.net>
Message-ID: <1729456589.20090102134901@gmail.com>

Hello Maciek,

Thanks for your reply. I've added that but it doesn't seem to
solve my problem. What I'm trying to do is to log in with the
same user twice but bind to different resources. And I'd like
any of the two instances notified when the other instance logs out.

Do I need to explicitly subscribe to the other instances's presence
stanzas?

Jack

>> Speaking of presence messages, is there a way to tell from these
>> messages (or by any other means) that a buddy has gone off-line?

> http://xmpp.org/internet-drafts/draft-saintandre-rfc3921bis-07.html#rfc.section.4.7.1

> Basically, you send <presence type='unavailable'/>




From lambda512 at gmail.com  Fri Jan  2 16:32:03 2009
From: lambda512 at gmail.com (naw)
Date: Fri, 2 Jan 2009 23:32:03 +0100
Subject: [jdev] Show values of the Presence Message -> logout
In-Reply-To: <1729456589.20090102134901@gmail.com>
References: <564746040.20090101184226@gmail.com> <495DD0C0.3080409@uaznia.net>
	<1729456589.20090102134901@gmail.com>
Message-ID: <200901022332.03903.lambda512@gmail.com>

El Viernes 02 Enero 2009, jlist9 at gmail.com escribi?:
> Hello Maciek,
>
> Thanks for your reply. I've added that but it doesn't seem to
> solve my problem. What I'm trying to do is to log in with the
> same user twice but bind to different resources. And I'd like
> any of the two instances notified when the other instance logs out.
>
> Do I need to explicitly subscribe to the other instances's presence
> stanzas?
>
> Jack
>
> >> Speaking of presence messages, is there a way to tell from these
> >> messages (or by any other means) that a buddy has gone off-line?
> >
> > http://xmpp.org/internet-drafts/draft-saintandre-rfc3921bis-07.html#rfc.s
> >ection.4.7.1
> >
> > Basically, you send <presence type='unavailable'/>
>

When I'm on "Home" and "Psi" and I disconnect from "Home" I get:
<presence from="xxxx at jabberes.org/Home" type="unavailable" 
to="xxxx at jabberes.org/Psi" /> 

I don't remember to be subscribed explicitly to myself.


From jlist9 at gmail.com  Fri Jan  2 19:26:11 2009
From: jlist9 at gmail.com (jlist9 at gmail.com)
Date: Fri, 2 Jan 2009 17:26:11 -0800
Subject: [jdev] Show values of the Presence Message -> logout
In-Reply-To: <200901022332.03903.lambda512@gmail.com>
References: <564746040.20090101184226@gmail.com> <495DD0C0.3080409@uaznia.net>
	<1729456589.20090102134901@gmail.com>
	<200901022332.03903.lambda512@gmail.com>
Message-ID: <551372200.20090102172611@gmail.com>


>> Thanks for your reply. I've added that but it doesn't seem to
>> solve my problem. What I'm trying to do is to log in with the
>> same user twice but bind to different resources. And I'd like
>> any of the two instances notified when the other instance logs out.
>>
>> Do I need to explicitly subscribe to the other instances's presence
>> stanzas?
>>

> When I'm on "Home" and "Psi" and I disconnect from "Home" I get:
> <presence from="xxxx at jabberes.org/Home" type="unavailable" 
> to="xxxx at jabberes.org/Psi" /> 

> I don't remember to be subscribed explicitly to myself.

Hmm. Maybe the servers don't behave the same way. I was experimenting
with gtalk...



From lambda512 at gmail.com  Sat Jan  3 06:38:33 2009
From: lambda512 at gmail.com (naw)
Date: Sat, 3 Jan 2009 13:38:33 +0100
Subject: [jdev] Show values of the Presence Message -> logout
In-Reply-To: <551372200.20090102172611@gmail.com>
References: <564746040.20090101184226@gmail.com>
	<200901022332.03903.lambda512@gmail.com>
	<551372200.20090102172611@gmail.com>
Message-ID: <200901031338.35340.lambda512@gmail.com>

El S?bado 03 Enero 2009, jlist9 at gmail.com escribi?:
> >> Thanks for your reply. I've added that but it doesn't seem to
> >> solve my problem. What I'm trying to do is to log in with the
> >> same user twice but bind to different resources. And I'd like
> >> any of the two instances notified when the other instance logs out.
> >>
> >> Do I need to explicitly subscribe to the other instances's presence
> >> stanzas?
> >
> > When I'm on "Home" and "Psi" and I disconnect from "Home" I get:
> > <presence from="xxxx at jabberes.org/Home" type="unavailable"
> > to="xxxx at jabberes.org/Psi" />
> >
> > I don't remember to be subscribed explicitly to myself.
>
> Hmm. Maybe the servers don't behave the same way. I was experimenting
> with gtalk...

gtalk behaves in the same way
<presence from="xxxx at gmail.com/HomeCF82D0B9" type="unavailable" 
to="xxxx at gmail.com" />

Did you get the roster (buddy list) from the server? If not, I think that you 
won't receive presence updates.

-- 

Jabber-ID: lambda512 at jabberes.org lambda512 at gmail.com


From tomek at xiaoka.com  Sat Jan  3 07:38:07 2009
From: tomek at xiaoka.com (Tomasz Sterna)
Date: Sat, 03 Jan 2009 14:38:07 +0100
Subject: [jdev] Show values of the Presence Message -> logout
In-Reply-To: <200901022332.03903.lambda512@gmail.com>
References: <564746040.20090101184226@gmail.com>
	<495DD0C0.3080409@uaznia.net> <1729456589.20090102134901@gmail.com>
	<200901022332.03903.lambda512@gmail.com>
Message-ID: <1230989887.5199.9.camel@wing>

Dnia 2009-01-02, pi? o godzinie 23:32 +0100, naw pisze:
> When I'm on "Home" and "Psi" and I disconnect from "Home" I get:
> <presence from="xxxx at jabberes.org/Home" type="unavailable" 
> to="xxxx at jabberes.org/Psi" /> 
> 
> I don't remember to be subscribed explicitly to myself.

Why don't you just make the effort and read XMPP-IM RFC?

http://xmpp.org/internet-drafts/draft-saintandre-rfc3921bis-07.html#presence-broadcast-outbound
"The user's server MUST also send the presence stanza to all of the
user's available resources (including the resource that generated the
presence notification in the first place)."

-- 




From stpeter at stpeter.im  Tue Jan  6 15:33:17 2009
From: stpeter at stpeter.im (Peter Saint-Andre)
Date: Tue, 06 Jan 2009 14:33:17 -0700
Subject: [jdev] FOSDEM update
Message-ID: <4963CE1D.2000200@stpeter.im>

In its weekly meeting just now, the XSF Board of Directors decided on
the following schedule for the FOSDEM weekend (to discuss further,
please join the summit at xmpp.org list, which you can do via the web at
<http://mail.jabber.org/mailman/listinfo/summit>)....

***

Friday, February 6

A Jingle hackfest for developers who wish to code and test their
implemenations of Jingle, primarily at this point for voice and video.

Saturday, February 7

Public talks and tutorials for larger audiences at FOSDEM (we have a
"devroom" from noon to 6 PM); if you are interested in presenting a talk
or tutorial, please contact Peter Saint-Andre.

Sunday, February 8

Developers are free to attend the second day of the FOSDEM conference.
We'll need help manning the booth and attending talks to spread the word
about XMPP. Also expect many interesting "hallway" discussions and
continued hacking in the background.

Monday, February 9

The "summit" itself: Intensive discussions among core XMPP developers to
solve pressing problems in the XMPP "protocol stack"; the main topics
will probably be mobile optimizations, file transfer, and end-to-end
encryption as recently prioritized by the XMPP Council.

***

See you in Brussels!

/psa


From jlist9 at gmail.com  Thu Jan  8 15:30:00 2009
From: jlist9 at gmail.com (jlist9 at gmail.com)
Date: Thu, 8 Jan 2009 13:30:00 -0800
Subject: [jdev] Smack API and jabber.org
Message-ID: <728707467.20090108133000@gmail.com>

Hello all,

Has anyone tried using jivesoftware's Smack API to access
jabber.org? I tried some sample code on their forum but I was
getting an error. The same code (with the slight difference of
using a full email address) works fine for talk.google.com.

Or, has anyone tried any java XMPP library with success?


The error:

SASL authentication failed using mechanism PLAIN:
        at org.jivesoftware.smack.SASLAuthentication.authenticate(SASLAuthentication.java:325)
        at org.jivesoftware.smack.XMPPConnection.login(XMPPConnection.java:395)
        at com.gn.xmpp.XmppTest.main(XmppTest.java:40)

The sample code:

ConnectionConfiguration cc = new ConnectionConfiguration("jabber.org", 5222, "jabber.org");
XMPPConnection connection = new XMPPConnection(cc);
try {
     connection.connect();
     SASLAuthentication.supportSASLMechanism("PLAIN", 0);
     connection.login("your.jabber", "password", "resource");
     System.out.println(connection.isAuthenticated());
} catch (XMPPException e1) {
     e1.printStackTrace();
}

-- 
Best regards,
Jack



From mwild1 at gmail.com  Thu Jan  8 19:34:25 2009
From: mwild1 at gmail.com (Matthew Wild)
Date: Fri, 9 Jan 2009 01:34:25 +0000
Subject: [jdev] Smack API and jabber.org
In-Reply-To: <728707467.20090108133000@gmail.com>
References: <728707467.20090108133000@gmail.com>
Message-ID: <4db9cacb0901081734n4a520feeo9d85d4b7ed831739@mail.gmail.com>

On Thu, Jan 8, 2009 at 9:30 PM,  <jlist9 at gmail.com> wrote:
>     connection.login("your.jabber", "password", "resource");

Just a shot in the dark since I don't know smack, but have you tried
putting the full bare JID here, instead of just the username?

Failing that, capture the XML being sent to the server and verify that
the base64'd login credentials are correct.

Matthew.


From sumedha.r at gmail.com  Thu Jan  8 20:42:27 2009
From: sumedha.r at gmail.com (sumedha rubasinghe)
Date: Fri, 9 Jan 2009 08:12:27 +0530
Subject: [jdev] Smack API and jabber.org
In-Reply-To: <728707467.20090108133000@gmail.com>
References: <728707467.20090108133000@gmail.com>
Message-ID: <358531180901081842w118e8f6j81118360d6f51e4@mail.gmail.com>

Hi,
I have following code block & it works.
/sumedha

xmppConnection = new XMPPConnection(serverCredentials.getServerUrl());
try {
	xmppConnection.connect();
} catch (XMPPException e) {
      log.error("Failed to connect to server
:"+serverCredentials.getServerUrl(), e);
}
//Pause for a small time before trying to login.
//This prevents random ssl exception from Smack API
try {
	Thread.sleep(100);
} catch (InterruptedException e5) {
	log.debug("Sleep interrupted ",e5);
}

if(xmppConnection.isConnected()){
	if(! xmppConnection.isAuthenticated()){
	try {
		xmppConnection.login(serverCredentials.getAccountName()+"@"+
					serverCredentials.getServerUrl(),
					serverCredentials.getPassword(),
					serverCredentials.getResource(),
					true);
	} catch (XMPPException e) {
		try {
			log.error("Login failed for "
					+serverCredentials.getAccountName()
					+"@"+serverCredentials.getServerUrl()
					+".Retrying in 2 secs",e);
			Thread.sleep(2000);
			xmppConnection.login(serverCredentials.getAccountName()+"@"+
					serverCredentials.getServerUrl(),
    				        serverCredentials.getPassword(),
					serverCredentials.getResource(),
					true);
			} catch (InterruptedException e1) {
				log.error("Sleep interrupted.",e1);
			} catch (XMPPException e2) {
				log.error("Login failed for : "+serverCredentials.getAccountName()
						+"@"+serverCredentials.getServerUrl(),e2);
				throw new AxisFault("Login failed for : "+serverCredentials.getAccountName()
						+"@"+serverCredentials.getServerUrl());
			}
		}
	        //Listen for Message type packets from specified server url
		//packetFilter = new AndFilter(new PacketTypeFilter(Message.class),
		//		new FromContainsFilter(serverCredentials.getServerUrl()));
		packetFilter = new FromContainsFilter(serverCredentials.getServerUrl());					
	}
}					





On Fri, Jan 9, 2009 at 3:00 AM,  <jlist9 at gmail.com> wrote:
> Hello all,
>
> Has anyone tried using jivesoftware's Smack API to access
> jabber.org? I tried some sample code on their forum but I was
> getting an error. The same code (with the slight difference of
> using a full email address) works fine for talk.google.com.
>
> Or, has anyone tried any java XMPP library with success?
>
>
> The error:
>
> SASL authentication failed using mechanism PLAIN:
>        at org.jivesoftware.smack.SASLAuthentication.authenticate(SASLAuthentication.java:325)
>        at org.jivesoftware.smack.XMPPConnection.login(XMPPConnection.java:395)
>        at com.gn.xmpp.XmppTest.main(XmppTest.java:40)
>
> The sample code:
>
> ConnectionConfiguration cc = new ConnectionConfiguration("jabber.org", 5222, "jabber.org");
> XMPPConnection connection = new XMPPConnection(cc);
> try {
>     connection.connect();
>     SASLAuthentication.supportSASLMechanism("PLAIN", 0);
>     connection.login("your.jabber", "password", "resource");
>     System.out.println(connection.isAuthenticated());
> } catch (XMPPException e1) {
>     e1.printStackTrace();
> }
>
> --
> Best regards,
> Jack
>
> _______________________________________________
> JDev mailing list
> FAQ: http://www.jabber.org/discussion-lists/jdev-faq
> Forum: http://www.jabberforum.org/forumdisplay.php?f=20
> Info: http://mail.jabber.org/mailman/listinfo/jdev
> Unsubscribe: JDev-unsubscribe at jabber.org
> _______________________________________________
>


From jlist9 at gmail.com  Thu Jan  8 22:38:59 2009
From: jlist9 at gmail.com (jlist9 at gmail.com)
Date: Thu, 8 Jan 2009 20:38:59 -0800
Subject: [jdev] Smack API and jabber.org
In-Reply-To: <358531180901081842w118e8f6j81118360d6f51e4@mail.gmail.com>
References: <728707467.20090108133000@gmail.com>
	<358531180901081842w118e8f6j81118360d6f51e4@mail.gmail.com>
Message-ID: <102526468.20090108203859@gmail.com>

Thanks sumedha. It looks like you are not using the latest version
of Smack (3.1.0 beta), since the XMPPConnection class of this version
doesn't have a login(String, String, String, boolean) function.
It's login(String, String, String) instead.

But if it works, I wonder if it's possible for me to get the jar files
from you? I'd like to give that version a try.

Thursday, January 8, 2009, 6:42:27 PM, you wrote:

> Hi,
> I have following code block & it works.
> /sumedha

> xmppConnection = new
> XMPPConnection(serverCredentials.getServerUrl());
> try {
> 	xmppConnection.connect();
> } catch (XMPPException e) {
>       log.error("Failed to connect to server
> :"+serverCredentials.getServerUrl(), e);
> }
> //Pause for a small time before trying to login.
> //This prevents random ssl exception from Smack API
> try {
> 	Thread.sleep(100);
> } catch (InterruptedException e5) {
> 	log.debug("Sleep interrupted ",e5);
> }

> if(xmppConnection.isConnected()){
> 	if(! xmppConnection.isAuthenticated()){
> 	try {
> 		xmppConnection.login(serverCredentials.getAccountName()+"@"+
> 					serverCredentials.getServerUrl(),
> 					serverCredentials.getPassword(),
> 					serverCredentials.getResource(),
> 					true);
> 	} catch (XMPPException e) {
> 		try {
> 			log.error("Login failed for "
> 					+serverCredentials.getAccountName()
> 					+"@"+serverCredentials.getServerUrl()
> 					+".Retrying in 2 secs",e);
> 			Thread.sleep(2000);
> 			xmppConnection.login(serverCredentials.getAccountName()+"@"+
> 					serverCredentials.getServerUrl(),
>     				        serverCredentials.getPassword(),
> 					serverCredentials.getResource(),
> 					true);
> 			} catch (InterruptedException e1) {
> 				log.error("Sleep interrupted.",e1);
> 			} catch (XMPPException e2) {
> 				log.error("Login failed for :
> "+serverCredentials.getAccountName()
> 						+"@"+serverCredentials.getServerUrl(),e2);
> 				throw new AxisFault("Login failed for :
> "+serverCredentials.getAccountName()
> 						+"@"+serverCredentials.getServerUrl());
> 			}
> 		}
> 	        //Listen for Message type packets from specified server url
> 		//packetFilter = new AndFilter(new PacketTypeFilter(Message.class),
> 		//		new FromContainsFilter(serverCredentials.getServerUrl()));
> 		packetFilter = new
> FromContainsFilter(serverCredentials.getServerUrl());					
> 	}
> }					





> On Fri, Jan 9, 2009 at 3:00 AM,  <jlist9 at gmail.com> wrote:
>> Hello all,
>>
>> Has anyone tried using jivesoftware's Smack API to access
>> jabber.org? I tried some sample code on their forum but I was
>> getting an error. The same code (with the slight difference of
>> using a full email address) works fine for talk.google.com.
>>
>> Or, has anyone tried any java XMPP library with success?
>>
>>
>> The error:
>>
>> SASL authentication failed using mechanism PLAIN:
>>        at
>> org.jivesoftware.smack.SASLAuthentication.authenticate(SASLAuthentication.java:325)
>>        at
>> org.jivesoftware.smack.XMPPConnection.login(XMPPConnection.java:395)
>>        at com.gn.xmpp.XmppTest.main(XmppTest.java:40)
>>
>> The sample code:
>>
>> ConnectionConfiguration cc = new
>> ConnectionConfiguration("jabber.org", 5222, "jabber.org");
>> XMPPConnection connection = new XMPPConnection(cc);
>> try {
>>     connection.connect();
>>     SASLAuthentication.supportSASLMechanism("PLAIN", 0);
>>     connection.login("your.jabber", "password", "resource");
>>     System.out.println(connection.isAuthenticated());
>> } catch (XMPPException e1) {
>>     e1.printStackTrace();
>> }




From sumedha.r at gmail.com  Thu Jan  8 23:37:52 2009
From: sumedha.r at gmail.com (sumedha rubasinghe)
Date: Fri, 9 Jan 2009 11:07:52 +0530
Subject: [jdev] Smack API and jabber.org
In-Reply-To: <1979015996.20090108212208@gmail.com>
References: <728707467.20090108133000@gmail.com>
	<358531180901081842w118e8f6j81118360d6f51e4@mail.gmail.com>
	<102526468.20090108203859@gmail.com>
	<358531180901082117g3a1b7680k79e0f41b4e7cd186@mail.gmail.com>
	<1979015996.20090108212208@gmail.com>
Message-ID: <358531180901082137q6234cf51i838f452f396edf9@mail.gmail.com>

Hi,
You can download it from here[1].
wonder why old distributions are not available... Even I could not
find it on their site. :-)

/sumedha
http://sumedha.blogspot.com

[1] http://ws.zones.apache.org/repository2/org/igniterealtime/



On Fri, Jan 9, 2009 at 10:52 AM,  <jlist9 at gmail.com> wrote:
> Would it be possible for you to email me the two jar files?
> Their site doesn't seem to provide downloads for earlier versions :(
> I'd appreciate it.
>
>> Your correct, I am using Smack 3.0.4. (Downloadable from smack site)
>
>> /sumedha
>
>
>> On Fri, Jan 9, 2009 at 10:08 AM,  <jlist9 at gmail.com> wrote:
>>> Thanks sumedha. It looks like you are not using the latest version
>>> of Smack (3.1.0 beta), since the XMPPConnection class of this version
>>> doesn't have a login(String, String, String, boolean) function.
>>> It's login(String, String, String) instead.
>>>
>>> But if it works, I wonder if it's possible for me to get the jar files
>>> from you? I'd like to give that version a try.
>
>
>


From jlist9 at gmail.com  Fri Jan  9 00:33:52 2009
From: jlist9 at gmail.com (jlist9 at gmail.com)
Date: Thu, 8 Jan 2009 22:33:52 -0800
Subject: [jdev] Smack API and jabber.org
In-Reply-To: <358531180901082137q6234cf51i838f452f396edf9@mail.gmail.com>
References: <728707467.20090108133000@gmail.com>
	<358531180901081842w118e8f6j81118360d6f51e4@mail.gmail.com>
	<102526468.20090108203859@gmail.com>
	<358531180901082117g3a1b7680k79e0f41b4e7cd186@mail.gmail.com>
	<1979015996.20090108212208@gmail.com>
	<358531180901082137q6234cf51i838f452f396edf9@mail.gmail.com>
Message-ID: <491441170.20090108223352@gmail.com>

Thanks sumedha!

> You can download it from here[1].
> wonder why old distributions are not available... Even I could not
> find it on their site. :-)

> /sumedha
> http://sumedha.blogspot.com

> [1] http://ws.zones.apache.org/repository2/org/igniterealtime/




From Jehan.3lqu8n at no-mx.jabberforum.org  Fri Jan  9 05:27:31 2009
From: Jehan.3lqu8n at no-mx.jabberforum.org (Jehan)
Date: Fri, 9 Jan 2009 12:27:31 +0100
Subject: [jdev] out of scope: Quakelive would use XMPP
Message-ID: <Jehan.3lqu8n@no-mx.jabberforum.org>


Hi all,

I don't know exactly where to post this info, so sorry because it is a
little out of scope in jdev. But I am forwarding a message read from a
Linux community french website:
https://linuxfr.org/~Skateinmars/27735.html

Apparently the QuakeLive game ( http://www.quakelive.com/noflash.html )
would use XMPP as the guy reported that during a game launch, he can
read "Waiting on XMPP Authentication". Then he could find this email
from an idsoftware dev which seems to corroborate the XMPP hypothesis:
https://mailman.ik.nu/pipermail/twisted-jabber/2008-May/000149.html

Now even games from big companies are using XMPP! Nice, isn't it?

Jehan


-- 
Jehan
------------------------------------------------------------------------
Jehan's Profile: http://www.jabberforum.org/member.php?userid=16911
View this thread: http://www.jabberforum.org/showthread.php?t=1310



From gnauck at ag-software.de  Fri Jan  9 13:15:18 2009
From: gnauck at ag-software.de (Alexander Gnauck)
Date: Fri, 09 Jan 2009 20:15:18 +0100
Subject: [jdev] XSF membership application period Q1/2009
Message-ID: <4967A246.9060603@ag-software.de>

The XMPP Standards Foundation (XSF) is currently holding its quarterly 
membership application period:
http://wiki.xmpp.org/web/Membership_Applications_January_2009

Applications are encouraged from developers and others who are actively 
involved in the Jabber/XMPP community. To apply, create a page about 
yourself on the wiki.

If you don't have a wiki account, send your name, preferred nickname and 
email address to me or one of the other Sysops:
http://wiki.xmpp.org/index.php/Sysops

The application period ends on 26th January 2009 23:59h UTC, so apply today!

Thanks,
Alex


From kamanashisroy at gmail.com  Sat Jan 10 11:25:45 2009
From: kamanashisroy at gmail.com (Kamanashis Roy Shuva)
Date: Sat, 10 Jan 2009 23:25:45 +0600
Subject: [jdev] XSF membership application period Q1/2009
In-Reply-To: <4967A246.9060603@ag-software.de>
References: <4967A246.9060603@ag-software.de>
Message-ID: <ce35fdf10901100925q113c0ac8i568c8ca10ca86ff1@mail.gmail.com>

Hi,

  I am Kamanashis Roy, my nick name is Shuva .. I wish to be a member of
this wiki.

  I wish to talk about the best data exchange, document exchange and
rendering techniques available here, for example,
http://xmpp.org/extensions/xep-0004.html,
http://xmpp.org/extensions/xep-0071.html and some upcoming portocols if
available. Surely I need some discussion and help about that. And I like to
implement those things in MiniIM.

-- 
-- Sharp blade clean shield

Kamanashis Roy
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.jabber.org/pipermail/jdev/attachments/20090110/7c3f6b79/attachment-0003.htm>

From mwild1 at gmail.com  Sat Jan 10 11:55:09 2009
From: mwild1 at gmail.com (Matthew Wild)
Date: Sat, 10 Jan 2009 17:55:09 +0000
Subject: [jdev] XSF membership application period Q1/2009
In-Reply-To: <ce35fdf10901100925q113c0ac8i568c8ca10ca86ff1@mail.gmail.com>
References: <4967A246.9060603@ag-software.de>
	<ce35fdf10901100925q113c0ac8i568c8ca10ca86ff1@mail.gmail.com>
Message-ID: <4db9cacb0901100955t2b5d2a4dp12ef3b8d215c05f9@mail.gmail.com>

On Sat, Jan 10, 2009 at 5:25 PM, Kamanashis Roy Shuva
<kamanashisroy at gmail.com> wrote:
> Hi,
>
>   I am Kamanashis Roy, my nick name is Shuva .. I wish to be a member of
> this wiki.
>

You should have just received an email with your account details, let
me know if there are any problems :)

Matthew.


From kamanashisroy at gmail.com  Sun Jan 11 11:14:22 2009
From: kamanashisroy at gmail.com (Kamanashis Roy Shuva)
Date: Sun, 11 Jan 2009 23:14:22 +0600
Subject: [jdev] XSF membership application period Q1/2009
In-Reply-To: <4db9cacb0901100955t2b5d2a4dp12ef3b8d215c05f9@mail.gmail.com>
References: <4967A246.9060603@ag-software.de>
	<ce35fdf10901100925q113c0ac8i568c8ca10ca86ff1@mail.gmail.com>
	<4db9cacb0901100955t2b5d2a4dp12ef3b8d215c05f9@mail.gmail.com>
Message-ID: <ce35fdf10901110914r407a242o4f771f22a69f7637@mail.gmail.com>

Hi,

  Thanks for your reply. I already have an account as
kamanashisroy at jabber.org . I am little confused with that. Should I use the
same account ? or is it possible to use the same ? If it is, then I like to
use that.

-- 
-- Sharp blade clean shield

Kamanashis Roy
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.jabber.org/pipermail/jdev/attachments/20090111/ea0e8e7c/attachment-0003.htm>

From mwild1 at gmail.com  Sun Jan 11 11:50:14 2009
From: mwild1 at gmail.com (Matthew Wild)
Date: Sun, 11 Jan 2009 17:50:14 +0000
Subject: [jdev] XSF membership application period Q1/2009
In-Reply-To: <ce35fdf10901110914r407a242o4f771f22a69f7637@mail.gmail.com>
References: <4967A246.9060603@ag-software.de>
	<ce35fdf10901100925q113c0ac8i568c8ca10ca86ff1@mail.gmail.com>
	<4db9cacb0901100955t2b5d2a4dp12ef3b8d215c05f9@mail.gmail.com>
	<ce35fdf10901110914r407a242o4f771f22a69f7637@mail.gmail.com>
Message-ID: <4db9cacb0901110950n62200c70x7235d369eb732ab@mail.gmail.com>

On Sun, Jan 11, 2009 at 5:14 PM, Kamanashis Roy Shuva
<kamanashisroy at gmail.com> wrote:
> Hi,
>
>   Thanks for your reply. I already have an account as
> kamanashisroy at jabber.org . I am little confused with that. Should I use the
> same account ? or is it possible to use the same ? If it is, then I like to
> use that.
>

If you are asking whether our wiki authentication can use XMPP
accounts I'm afraid that the answer is no. Wiki accounts are separate.

Matthew.


From stpeter at stpeter.im  Mon Jan 12 13:15:50 2009
From: stpeter at stpeter.im (Peter Saint-Andre)
Date: Mon, 12 Jan 2009 12:15:50 -0700
Subject: [jdev] Pidgin survey results
Message-ID: <496B96E6.9010601@stpeter.im>

Some interesting numbers here:

http://pidgin.im/survey/results/survey0summary.html

In particular, "Which of the following protocol types do you use?"
yields the following numbers:

MSN 	67%
Google	51%
ICQ 	44%
XMPP 	39%
Yahoo 	32%
AIM 	28%
IRC 	23%

Everything else is in the single digits.

/psa


From nathanfritz at gmail.com  Mon Jan 12 14:34:25 2009
From: nathanfritz at gmail.com (Nathan Fritz)
Date: Mon, 12 Jan 2009 12:34:25 -0800
Subject: [jdev] Pidgin survey results
In-Reply-To: <496B96E6.9010601@stpeter.im>
References: <496B96E6.9010601@stpeter.im>
Message-ID: <182eea400901121234i638cd234k431c536326033029@mail.gmail.com>

Too bad that Google and XMPP aren't combined.  They could have 90% people
using XMPP and not know it.  However, it's more likely that there's some
overlap there, and it's more like 70%.  It's hard to say.

On Mon, Jan 12, 2009 at 11:15 AM, Peter Saint-Andre <stpeter at stpeter.im>wrote:

> Some interesting numbers here:
>
> http://pidgin.im/survey/results/survey0summary.html
>
> In particular, "Which of the following protocol types do you use?"
> yields the following numbers:
>
> MSN     67%
> Google  51%
> ICQ     44%
> XMPP    39%
> Yahoo   32%
> AIM     28%
> IRC     23%
>
> Everything else is in the single digits.
>
> /psa
> _______________________________________________
> JDev mailing list
> FAQ: http://www.jabber.org/discussion-lists/jdev-faq
> Forum: http://www.jabberforum.org/forumdisplay.php?f=20
> Info: http://mail.jabber.org/mailman/listinfo/jdev
> Unsubscribe: JDev-unsubscribe at jabber.org
> _______________________________________________
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.jabber.org/pipermail/jdev/attachments/20090112/470f409b/attachment-0003.htm>

From justin-keyword-jabber.093179 at affinix.com  Mon Jan 12 18:47:49 2009
From: justin-keyword-jabber.093179 at affinix.com (Justin Karneges)
Date: Mon, 12 Jan 2009 16:47:49 -0800
Subject: [jdev] Pidgin survey results
In-Reply-To: <496B96E6.9010601@stpeter.im>
References: <496B96E6.9010601@stpeter.im>
Message-ID: <200901121647.49734.justin-keyword-jabber.093179@affinix.com>

On Monday 12 January 2009 11:15:50 Peter Saint-Andre wrote:
> Some interesting numbers here:
>
> http://pidgin.im/survey/results/survey0summary.html
>
> In particular, "Which of the following protocol types do you use?"
> yields the following numbers:
>
> MSN 	67%
> Google	51%
> ICQ 	44%
> XMPP 	39%
> Yahoo 	32%
> AIM 	28%
> IRC 	23%

In the survey, Linux was the most-used platform, and ICQ is ahead of both AIM 
and Yahoo.  So, there's clearly some geeky/regional bias.

However, it's good to know that among these types of users, XMPP ranks highly.

-Justin


From spike411.3lxvxz at no-mx.jabberforum.org  Tue Jan 13 00:48:01 2009
From: spike411.3lxvxz at no-mx.jabberforum.org (spike411)
Date: Tue, 13 Jan 2009 07:48:01 +0100
Subject: [jdev] Pidgin survey results
References: <496B96E6.9010601@stpeter.im>
Message-ID: <spike411.3lxvxz@no-mx.jabberforum.org>


You might also be interested in Adium results (from Sparkle
auto-update):

http://www.adiumx.com/sparkle/


-- 
spike411
------------------------------------------------------------------------
spike411's Profile: http://www.jabberforum.org/member.php?userid=17075
View this thread: http://www.jabberforum.org/showthread.php?t=1319



From gmsk19 at gmail.com  Tue Jan 13 01:27:52 2009
From: gmsk19 at gmail.com (shashi kiran)
Date: Tue, 13 Jan 2009 12:57:52 +0530
Subject: [jdev] Pidgin survey results
In-Reply-To: <spike411.3lxvxz@no-mx.jabberforum.org>
References: <496B96E6.9010601@stpeter.im>
	<spike411.3lxvxz@no-mx.jabberforum.org>
Message-ID: <84a4eed70901122327y7f05b6day4fef93f4862f41cc@mail.gmail.com>

I Agree with Nathan about combining XMPP and GoogleTalk Numbers. Yahoo is on
its way down.  Don't be surprised the if MSN usage goes down in next year's
poll not that it is bad protocol but the its just that XMPP is far more
convenient.

On Tue, Jan 13, 2009 at 12:18 PM, spike411 <
spike411.3lxvxz at no-mx.jabberforum.org> wrote:

>
> You might also be interested in Adium results (from Sparkle
> auto-update):
>
> http://www.adiumx.com/sparkle/
>
>
> --
> spike411
> ------------------------------------------------------------------------
> spike411's Profile: http://www.jabberforum.org/member.php?userid=17075
> View this thread: http://www.jabberforum.org/showthread.php?t=1319
>
> _______________________________________________
> JDev mailing list
> FAQ: http://www.jabber.org/discussion-lists/jdev-faq
> Forum: http://www.jabberforum.org/forumdisplay.php?f=20
> Info: http://mail.jabber.org/mailman/listinfo/jdev
> Unsubscribe: JDev-unsubscribe at jabber.org
> _______________________________________________
>



-- 
Regards
Shashi Kiran G M
Software Engineer
Geodesic Information Systems Pvt Ltd
(http://messenger.mundu.com)
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.jabber.org/pipermail/jdev/attachments/20090113/090201a3/attachment-0003.htm>

From remko at el-tramo.be  Tue Jan 13 01:54:52 2009
From: remko at el-tramo.be (=?UTF-8?Q?Remko_Tron=C3=A7on?=)
Date: Tue, 13 Jan 2009 08:54:52 +0100
Subject: [jdev] Pidgin survey results
In-Reply-To: <200901121647.49734.justin-keyword-jabber.093179@affinix.com>
References: <496B96E6.9010601@stpeter.im>
	<200901121647.49734.justin-keyword-jabber.093179@affinix.com>
Message-ID: <133fd4c60901122354l3d7bfb17mfad19e0b27040b20@mail.gmail.com>

> In the survey, Linux was the most-used platform, and ICQ is ahead of both AIM
> and Yahoo.  So, there's clearly some geeky/regional bias.

Exactly. Since Pidgin is mostly a Linux client, it attracts certain
crowds (although it might be shifting a little bit with Ubuntu).

The Adium results on the other hand are a lot more significant i
think. Most Mac users I know use Adium for their IM needs (so it's not
just a geek thing), and Mac users cover a big spectrum of users. And
the results indeed look more like expected: MSN and AIM way up there.
Google Talk is still quite high though, so that's cool.

cheers,
Remko


From richard at indigo3.net  Wed Jan 14 03:20:11 2009
From: richard at indigo3.net (Richard Smith)
Date: Wed, 14 Jan 2009 10:20:11 +0100
Subject: [jdev] Mixing Attribute Namespaces
Message-ID: <496DAE4B.5030807@indigo3.net>

Hello,

I've been having a think over the past few days and have been wondering if
applying namespaces on an attribute level is valid within XMPP, and if there
are any guidelines as to attribute specifications used.

What I'm pondering is while the following is valid XML, is it valid under XMPP?

<message
 to="..."
 from="..."
 xmlns:magicNS="urn:blah:etc"
 magicNS:attr1="..." >...

>From what I understand in RFC3920 this would be ok, however mildly confusing
etc.

Am I right in thinking that while this is valid, it's generally not good for
client understanding? Not that I care much in this context anyway since I'm
using XMPP as a transport protocol for something non-IM based, but it's
always good to know :)

-- 
Richard




From m at tthias.eu  Wed Jan 14 03:27:45 2009
From: m at tthias.eu (Matthias Wimmer)
Date: Wed, 14 Jan 2009 10:27:45 +0100
Subject: [jdev] Mixing Attribute Namespaces
In-Reply-To: <496DAE4B.5030807@indigo3.net>
References: <496DAE4B.5030807@indigo3.net>
Message-ID: <496DB011.2040409@tthias.eu>

Hi Richard,

Richard Smith schrieb:
> <message
>  to="..."
>  from="..."
>  xmlns:magicNS="urn:blah:etc"
>  magicNS:attr1="..." >...

Why should it be bad? I don't see why it should be forbidden neither do 
I see where it should cause harm.

You should just keep in mind, that

<message xmlns='jabber:client' to='...' from='...'>...
and
<foo:message xmlns='jabber:client' to='...' from='...'>...

are from the pure XML point of view the same as a 'normal' stanza 
without the xmlns attribute,

while

<message xmlns:foo='jabber:client' foo:to='...' foo:from='...'>...
and
<foo:message xmlns:foo='jabber:client' foo:to='...' foo:from='...'>...

are not equivalent to the above to stanzas. I.e. an attribute name 
without a prefix does not denote an attribute in the default namespace, 
but an attribute that belongs to the element.


Matthias

-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/x-pkcs7-signature
Size: 3271 bytes
Desc: S/MIME Cryptographic Signature
URL: <http://mail.jabber.org/pipermail/jdev/attachments/20090114/1ad81fc3/attachment-0003.bin>

From dave at cridland.net  Wed Jan 14 03:39:24 2009
From: dave at cridland.net (Dave Cridland)
Date: Wed, 14 Jan 2009 09:39:24 +0000
Subject: [jdev] Mixing Attribute Namespaces
In-Reply-To: <496DAE4B.5030807@indigo3.net>
References: <496DAE4B.5030807@indigo3.net>
Message-ID: <12062.1231925964.315880@peirce.dave.cridland.net>

On Wed Jan 14 09:20:11 2009, Richard Smith wrote:
> Hello,
> 
> I've been having a think over the past few days and have been  
> wondering if
> applying namespaces on an attribute level is valid within XMPP, and  
> if there
> are any guidelines as to attribute specifications used.
> 
> What I'm pondering is while the following is valid XML, is it valid  
> under XMPP?
> 
> <message
>  to="..."
>  from="..."
>  xmlns:magicNS="urn:blah:etc"
>  magicNS:attr1="..." >...
> 
> From what I understand in RFC3920 this would be ok, however mildly  
> confusing
> etc.
> 
> Am I right in thinking that while this is valid, it's generally not  
> good for
> client understanding? Not that I care much in this context anyway  
> since I'm
> using XMPP as a transport protocol for something non-IM based, but  
> it's
> always good to know :)

Strictly, I think this is valid, however I'm not convinced that all  
servers would pass it through - my understanding is that stanza-level  
attributes are essentially reserved for hop-by-hop work. I'm not sure  
that's a hard and fast rule, but it certainly fits my experience.

On the other hand, putting namespaced elements (or attributes) inside  
a stanza will get passed through for certain, as well as being more a  
more traditional extension technique.

Dave.
-- 
Dave Cridland - mailto:dave at cridland.net - xmpp:dwd at dave.cridland.net
  - acap://acap.dave.cridland.net/byowner/user/dwd/bookmarks/
  - http://dave.cridland.net/
Infotrope Polymer - ACAP, IMAP, ESMTP, and Lemonade


From tomek at xiaoka.com  Wed Jan 14 04:07:26 2009
From: tomek at xiaoka.com (Tomasz Sterna)
Date: Wed, 14 Jan 2009 11:07:26 +0100
Subject: [jdev] Mixing Attribute Namespaces
In-Reply-To: <496DAE4B.5030807@indigo3.net>
References: <496DAE4B.5030807@indigo3.net>
Message-ID: <1231927646.5718.83.camel@wing>

Dnia 2009-01-14, ?ro o godzinie 10:20 +0100, Richard Smith pisze:
> What I'm pondering is while the following is valid XML, is it valid
> under XMPP?
> 
> <message
>  to="..."
>  from="..."
>  xmlns:magicNS="urn:blah:etc"
>  magicNS:attr1="..." >...
> 
> >From what I understand in RFC3920 this would be ok, however mildly
> confusing
> etc.
> 
> Am I right in thinking that while this is valid, it's generally not
> good for
> client understanding? Not that I care much in this context anyway
> since I'm
> using XMPP as a transport protocol for something non-IM based, but
> it's
> always good to know :)

It is valid.

Historically (in pre-XMPP jabber network) most clients did not support
xmlns. This is why there are some strange restrictions applied on XMPP
streams.
But todays XMPP requires full xml namespace support, and IIRC GTalk uses
them extensively, so sooner or later all servers and clients would
support xmlns correctly.


-- 




From stpeter at stpeter.im  Wed Jan 14 11:29:18 2009
From: stpeter at stpeter.im (Peter Saint-Andre)
Date: Wed, 14 Jan 2009 10:29:18 -0700
Subject: [jdev] [Fwd: [Summit] logistics]
Message-ID: <496E20EE.7050806@stpeter.im>

FYI. Join the summit at xmpp.org list if you'll be at FOSDEM and want to
participate in any of these activities.

-------- Original Message --------
Subject: [Summit] logistics
Date: Wed, 14 Jan 2009 10:13:28 -0700
From: Peter Saint-Andre <stpeter at stpeter.im>
Reply-To: XMPP Summit <summit at xmpp.org>
To: summit at xmpp.org

The Jingle Thingle (Friday) and the XMPP Summit (Monday) will take place
at the Hotel Bedford:

http://www.hotelbedford.be/

Details here:

http://xmpp.org/summit/summit6.shtml

The rate for sleeping rooms seems quite reasonable at the Bedford. There
is a booking.com link at the Summit6 page. Room sharing is encouraged
and we can hook people up on this list.

Peter



From elmex at x-paste.de  Thu Jan 15 10:21:57 2009
From: elmex at x-paste.de (Robin Redeker)
Date: Thu, 15 Jan 2009 17:21:57 +0100
Subject: [jdev] GSSAPI and service hostname
Message-ID: <20090115162157.GA5746@elmex2>

Hi!


I've received a bugreport for my Perl module AnyEvent::XMPP recently,
that says that I should not pass the domain of the JID as service hostname
to SASL (and later the GSSAPI mechanism).

Then I've been trying to figure out how the JID is mapped to the service
hostname of the XMPP server for GSSAPI authentication, bringing me to the
conclusion that the RFC 3920 (bis) doesn't say much about the _hostname_
of the service.

So here my question to the broad mass of developers: How should I determine
the hostname of the service I'm authenticating with?

I also wonder which server supports GSSAPI mechanims, so that I can
test implementation.


Thanks,
   Robin

-- 
Robin Redeker                         | Deliantra, the free code+content MORPG
elmex at ta-sa.org / r.redeker at gmail.com | http://www.deliantra.net
http://www.ta-sa.org/                 |


From stpeter at stpeter.im  Thu Jan 15 10:51:30 2009
From: stpeter at stpeter.im (Peter Saint-Andre)
Date: Thu, 15 Jan 2009 09:51:30 -0700
Subject: [jdev] GSSAPI and service hostname
In-Reply-To: <20090115162157.GA5746@elmex2>
References: <20090115162157.GA5746@elmex2>
Message-ID: <496F6992.90604@stpeter.im>

Robin Redeker wrote:
> Hi!
> 
> 
> I've received a bugreport for my Perl module AnyEvent::XMPP recently,
> that says that I should not pass the domain of the JID as service hostname
> to SASL (and later the GSSAPI mechanism).
> 
> Then I've been trying to figure out how the JID is mapped to the service
> hostname of the XMPP server for GSSAPI authentication, bringing me to the
> conclusion that the RFC 3920 (bis) doesn't say much about the _hostname_
> of the service.

RFC 3920 (or rfc3920bis) doesn't get into the details of particular SASL
mechanisms. As far as I know, GSSAPI is the only SASL mechanism that
uses the service hostname -- the other mechanisms tend to accept only
the username portion of the JID (or a certificate that contains the JID).

> So here my question to the broad mass of developers: How should I determine
> the hostname of the service I'm authenticating with?

As we discussed in the jdev room yesterday, I think you would use the
machine-name that you discovered via SRV lookup:

http://logs.jabber.org/jdev at conference.jabber.org/2009-01-14.html#16:01:06

> I also wonder which server supports GSSAPI mechanims, so that I can
> test implementation.

It's not the most popular SASL mechanism because not that many
organizations deploy Kerberos.

Peter



From justin-keyword-jabber.093179 at affinix.com  Thu Jan 15 11:09:41 2009
From: justin-keyword-jabber.093179 at affinix.com (Justin Karneges)
Date: Thu, 15 Jan 2009 09:09:41 -0800
Subject: [jdev] GSSAPI and service hostname
In-Reply-To: <496F6992.90604@stpeter.im>
References: <20090115162157.GA5746@elmex2> <496F6992.90604@stpeter.im>
Message-ID: <200901150909.41545.justin-keyword-jabber.093179@affinix.com>

On Thursday 15 January 2009 08:51:30 Peter Saint-Andre wrote:
> As we discussed in the jdev room yesterday, I think you would use the
> machine-name that you discovered via SRV lookup:
>
> http://logs.jabber.org/jdev at conference.jabber.org/2009-01-14.html#16:01:06

Yes, this is the consensus.

There is, however, some worry about DNS-based attacks, since the connect host 
is derived insecurely through the SRV lookup.  One obvious but totally 
impractical fix is to use DNSSEC.  Another is to use XEP-233.  Yet another is 
to offer some explicit trust mechanisms in the client (e.g. a field where the 
user can type the connect host in advance, to mark as trusted).

-Justin


From stpeter at stpeter.im  Thu Jan 15 11:19:44 2009
From: stpeter at stpeter.im (Peter Saint-Andre)
Date: Thu, 15 Jan 2009 10:19:44 -0700
Subject: [jdev] GSSAPI and service hostname
In-Reply-To: <200901150909.41545.justin-keyword-jabber.093179@affinix.com>
References: <20090115162157.GA5746@elmex2> <496F6992.90604@stpeter.im>
	<200901150909.41545.justin-keyword-jabber.093179@affinix.com>
Message-ID: <496F7030.1070805@stpeter.im>

Justin Karneges wrote:
> On Thursday 15 January 2009 08:51:30 Peter Saint-Andre wrote:
>> As we discussed in the jdev room yesterday, I think you would use the
>> machine-name that you discovered via SRV lookup:
>>
>> http://logs.jabber.org/jdev at conference.jabber.org/2009-01-14.html#16:01:06
> 
> Yes, this is the consensus.
> 
> There is, however, some worry about DNS-based attacks, since the connect host 
> is derived insecurely through the SRV lookup.  

Correct.

> One obvious but totally 
> impractical fix is to use DNSSEC.  

DNSSEC is seeing more deployment, but it's taking a long time. I don't
know that I'd call it totally impractical, though.

> Another is to use XEP-233.  

AFAIK, no servers implement that yet, and in any case it was designed
for a slightly different use case (basically situations in which DNS SRV
results don't tell you the hostname of the connection manager you're
talking to because load balancers are in use).

> Yet another is 
> to offer some explicit trust mechanisms in the client (e.g. a field where the 
> user can type the connect host in advance, to mark as trusted).

Right. This is similar to how some clients handle such things now. See
rfc3920bis for details:

http://xmpp.org/internet-drafts/draft-saintandre-rfc3920bis-08.html#tcp-resolution

/psa


From linuxwolf at outer-planes.net  Thu Jan 15 12:02:24 2009
From: linuxwolf at outer-planes.net (Matthew A. Miller)
Date: Thu, 15 Jan 2009 11:02:24 -0700
Subject: [jdev] GSSAPI and service hostname
In-Reply-To: <496F7030.1070805@stpeter.im>
References: <20090115162157.GA5746@elmex2> <496F6992.90604@stpeter.im>
	<200901150909.41545.justin-keyword-jabber.093179@affinix.com>
	<496F7030.1070805@stpeter.im>
Message-ID: <AF11C7F2-627F-416D-9F89-F2B8A7A3F79B@outer-planes.net>

On Jan 15, 2009, at 10:19, Peter Saint-Andre wrote:
>> Another is to use XEP-233.
>
> AFAIK, no servers implement that yet, and in any case it was designed
> for a slightly different use case (basically situations in which DNS  
> SRV
> results don't tell you the hostname of the connection manager you're
> talking to because load balancers are in use).

Besides, XEP-233 isn't any more secure than the SRV lookup.

*  If you can't trust the name from the SRV lookup that sent you to  
this (possibly fake) server, why can you now trust the value provided  
via XEP-233 from that server?
*  If you trust the XEP-233 result because you've got a secure channel  
(STARTTLS) and trusted their certificate, then why can't you now trust  
the SRV result?

 From my own observations and experiences, Deployments involving  
GSSAPI require significant planning, and is almost always undertaken  
because of the organization's security policy.  I've not seen such a  
policy that mandating GSSAPI, but then ignored issues around network  
name resolution.

So back to the original poster:
My recommendation for your library would be to rely on the (FQDN of  
the) hostname used to establish the XMPP/TCP connection, but make sure  
you have a way to manually bypass DNS SRV for establishing said  
connection (i.e. explicit hostname for the socket connection).  If the  
users of the library are willing to trust the hostname enough to get  
to the point where authentication is attempted, then odds are they're  
willing (or rather, required) to trust that hostname in obtaining the  
service principal credentials.

--
Matthew A. Miller
linuxwolf at outer-planes.net




-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 2238 bytes
Desc: not available
URL: <http://mail.jabber.org/pipermail/jdev/attachments/20090115/cf8d5aaa/attachment-0003.bin>

From justin-keyword-jabber.093179 at affinix.com  Thu Jan 15 13:30:09 2009
From: justin-keyword-jabber.093179 at affinix.com (Justin Karneges)
Date: Thu, 15 Jan 2009 11:30:09 -0800
Subject: [jdev] GSSAPI and service hostname
In-Reply-To: <AF11C7F2-627F-416D-9F89-F2B8A7A3F79B@outer-planes.net>
References: <20090115162157.GA5746@elmex2> <496F7030.1070805@stpeter.im>
	<AF11C7F2-627F-416D-9F89-F2B8A7A3F79B@outer-planes.net>
Message-ID: <200901151130.09071.justin-keyword-jabber.093179@affinix.com>

On Thursday 15 January 2009 10:02:24 Matthew A. Miller wrote:
> Besides, XEP-233 isn't any more secure than the SRV lookup.
[...]
> *  If you trust the XEP-233 result because you've got a secure channel
> (STARTTLS) and trusted their certificate, then why can't you now trust
> the SRV result?

Hmm, this is an interesting question.

TLS validates the XMPP domain, not the connect host found in the SRV result.  
So an attacker could feed you an incorrect SRV result here, and then route 
your traffic (as-is, not attacking TLS) to the real XMPP server.  This would 
be enough for an attacker to cause you to use the wrong host in the Kerberos 
negotiation.

However, it's not clear to me if there is a real attack here.  With the wrong 
host, you may obtain a wrong Kerberos ticket but you'll attempt to use it 
with the "right" host which will result in a failed authentication (a DoS).  
Maybe if the "right" host has multiple host keys for the "xmpp" service, the 
attacker could cause you to successfully authenticate to the wrong XMPP host?  
Well, whether that attack is really a problem or not, at least XEP-233 does 
close it off.

-Justin


From sxw at inf.ed.ac.uk  Thu Jan 15 15:31:52 2009
From: sxw at inf.ed.ac.uk (Simon Wilkinson)
Date: Thu, 15 Jan 2009 21:31:52 +0000
Subject: [jdev] GSSAPI and service hostname
In-Reply-To: <496F7030.1070805@stpeter.im>
References: <20090115162157.GA5746@elmex2> <496F6992.90604@stpeter.im>
	<200901150909.41545.justin-keyword-jabber.093179@affinix.com>
	<496F7030.1070805@stpeter.im>
Message-ID: <9BF110DC-8D5D-4300-BD39-90C59C954F25@inf.ed.ac.uk>


On 15 Jan 2009, at 17:19, Peter Saint-Andre wrote:
>
> AFAIK, no servers implement that yet, and in any case it was designed
> for a slightly different use case (basically situations in which DNS  
> SRV
> results don't tell you the hostname of the connection manager you're
> talking to because load balancers are in use).

GSSAPI domain based names are specifically designed to deal with the  
problem where the connection host is derived through an insecure SRV  
lookup, so they're exactly the correct tool to use to resolve this  
issue. The problem is with knowing what the other end is prepared to  
accept. I suppose if you're using your own SASL implementation you  
could do a gss_init_sec_context() for the domain based name first, and  
if that fails, fall back to using the hostname you got through the SRV  
lookup.

Simon.



From tomek at xiaoka.com  Fri Jan 16 07:02:53 2009
From: tomek at xiaoka.com (Tomasz Sterna)
Date: Fri, 16 Jan 2009 14:02:53 +0100
Subject: [jdev] GSSAPI and service hostname
In-Reply-To: <20090115162157.GA5746@elmex2>
References: <20090115162157.GA5746@elmex2>
Message-ID: <1232110973.5169.8.camel@wing>

Dnia 2009-01-15, czw o godzinie 17:21 +0100, Robin Redeker pisze:
> I've received a bugreport for my Perl module AnyEvent::XMPP recently,
> that says that I should not pass the domain of the JID as service hostname
> to SASL (and later the GSSAPI mechanism).

I think you should.

It's server job to map the provided domain name to a specific hostname.
Just like it is server job to map the domain name to a realm, in case of
DIGEST-MD5.


> I also wonder which server supports GSSAPI mechanims, so that I can
> test implementation.

http://jabberd2.xiaoka.com/
Although its not tested much.

-- 




From sxw at inf.ed.ac.uk  Fri Jan 16 07:23:15 2009
From: sxw at inf.ed.ac.uk (Simon Wilkinson)
Date: Fri, 16 Jan 2009 13:23:15 +0000
Subject: [jdev] GSSAPI and service hostname
In-Reply-To: <1232110973.5169.8.camel@wing>
References: <20090115162157.GA5746@elmex2> <1232110973.5169.8.camel@wing>
Message-ID: <E8C194DC-6261-461D-9524-94BBE85A6253@inf.ed.ac.uk>


On 16 Jan 2009, at 13:02, Tomasz Sterna wrote:

> Dnia 2009-01-15, czw o godzinie 17:21 +0100, Robin Redeker pisze:
>> I've received a bugreport for my Perl module AnyEvent::XMPP recently,
>> that says that I should not pass the domain of the JID as service  
>> hostname
>> to SASL (and later the GSSAPI mechanism).
>
> I think you should.

Not with GSSAPI, and not if you want to be compatible with anyone else.

The GSSAPI SASL mechanism needs to know the service hostname so it can  
talk construct a request for the correct service principal to the KDC.  
It has to know a hostname, because that's the way that Kerberos has  
traditionally worked - a service principal contains the name of the  
host running the service, not of the domain that the service is being  
run for. This has been discussed a number of times on the jdev list,  
and within the Kerberos community, and those of us who have  
implemented XMPP clients and servers supporting GSSAPI have come to  
the consensus that this is the current correct behaviour.

In the longer term, as I noted in a previous post, domain based names  
are the way forwards. This is going to definitely require changes to  
the common SASL APIs, and possibly to the SASL GSSAPI wire  
specification (although 'GSSAPI' which we're all still using has  
already been superceded by GS2)

> It's server job to map the provided domain name to a specific  
> hostname.
> Just like it is server job to map the domain name to a realm, in  
> case of
> DIGEST-MD5.

The server can't do this in a way that's safe - bear in mind that with  
Kerberos, it's the client side that needs to know who it's talking to  
- it's not a case of mapping incoming connections into an  
authentication realm (in the way that DIGEST-MD5 does). Allowing the  
client to ask the server 'who are you today?' immediately opens the  
way for MITM attacks, and defeats the whole point of using GSSAPI in  
the first place.

>> I also wonder which server supports GSSAPI mechanims, so that I can
>> test implementation.
>
> http://jabberd2.xiaoka.com/
> Although its not tested much.

We're using a version of jabberd2 with Cyrus SASL to provide GSSAPI  
support. It works well for us, and is what most of the client GSSAPI  
support (Pidgin, Adium, etc) which I wrote was originally tested  
against, but it's not what's currently being distributed. Openfire has  
a GSSAPI implementation that libpurple's code has been tested against  
that a number of big Kerberos users are using in production. I believe  
there are also patches for Kerberos support in ejabberd, but I'm not  
sure if they've been integrated, and I'm not aware of any  
interoperability testing that has been done.

Cheers,

Simon.



From julien.genestoux at gmail.com  Sat Jan 17 15:46:26 2009
From: julien.genestoux at gmail.com (Julien Genestoux)
Date: Sat, 17 Jan 2009 13:46:26 -0800
Subject: [jdev] XMPP Meetup in San Francisco
Message-ID: <26c0cf900901171346qae8acfcx686b8aa4497256dd@mail.gmail.com>

Hey!

First : Happy New Year! May it be yet another year of great growth for the
XMPP Community!

I just wanted to let you guys know that we're organizing the first XMPP
Meetup in San Francisco, CA on February 18th, right after XMPP Summit.

Feel free to join us: http://bit.ly/xmpp_sf
Also, we're looking for speakers/topics, so feel free to suggest anything
you'd like to see covered at is event.

Thanks a lot!

Julien

PS: please let me know if it's inapropriate to use this ML for this.

--
Julien Genestoux
http://www.ouvre-boite.com
http://blog.notifixio.us

+1 (415) 254 7340
+33 (0)9 70 44 76 29
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.jabber.org/pipermail/jdev/attachments/20090117/85ddce29/attachment-0002.htm>

From richard at indigo3.net  Sun Jan 25 10:06:19 2009
From: richard at indigo3.net (Richard Smith)
Date: Sun, 25 Jan 2009 17:06:19 +0100
Subject: [jdev] Scope of current RFC3920 SASL implementation
Message-ID: <497C8DFB.3080503@indigo3.net>

Hello!

I'm just putting some specs together for a project I'll be working on, 
and I was wondering...

XMPP RFC3290 specifies SASL namespaces and implementation within the 
scope of authenticating init-to-responder streams. Can this namespace be 
used at a lower level?

I've read through the SASL sections, and it doesn't actually say that 
the authentication scheme cannot be used in-band to communicate with a 
remote host?

The situation is that I'm got to build a client and component to do some 
notification magic. The 'client' part however might be on jabber.org, or 
another xmpp server entirely.

So, I know it's probably unsupported by most if not all the clients, but 
is it possible to re-use SASL namespaces to authenticate a user against 
a remote XMPP component using SASL?

-- 
Rich


From dmeyer at tzi.de  Sun Jan 25 11:23:51 2009
From: dmeyer at tzi.de (Dirk Meyer)
Date: Sun, 25 Jan 2009 18:23:51 +0100
Subject: [jdev] Scope of current RFC3920 SASL implementation
In-Reply-To: <497C8DFB.3080503@indigo3.net> (Richard Smith's message of "Sun\,
	25 Jan 2009 17\:06\:19 +0100")
References: <497C8DFB.3080503@indigo3.net>
Message-ID: <87mydf47vc.fsf@phex.sachmittel.de>

Richard Smith wrote:
> I've read through the SASL sections, and it doesn't actually say that 
> the authentication scheme cannot be used in-band to communicate with a 
> remote host?
>
> So, I know it's probably unsupported by most if not all the clients, but 
> is it possible to re-use SASL namespaces to authenticate a user against 
> a remote XMPP component using SASL?

Thinking of web services connected over XMPP, this sounds useful. Maybe
we can define some sort of SASL in IQ stanzas. But this will be an
insecure connection. Maybe you want to use E2E security in this use
case.


Dirk

-- 
This is Linux country. If you listen carefully, you can hear Windows
reboot...


From richard at indigo3.net  Sun Jan 25 11:29:24 2009
From: richard at indigo3.net (Richard Smith)
Date: Sun, 25 Jan 2009 18:29:24 +0100
Subject: [jdev] Scope of current RFC3920 SASL implementation
In-Reply-To: <87mydf47vc.fsf@phex.sachmittel.de>
References: <497C8DFB.3080503@indigo3.net> <87mydf47vc.fsf@phex.sachmittel.de>
Message-ID: <497CA174.7000101@indigo3.net>

Dirk Meyer wrote:
> Thinking of web services connected over XMPP, this sounds useful. Maybe
> we can define some sort of SASL in IQ stanzas. But this will be an
> insecure connection. Maybe you want to use E2E security in this use
> case.

E2E secures the transport... SASL in IQ stanzas would authenticate the 
user... This is my thinking at least...

-- 
Rich


From dmeyer at tzi.de  Sun Jan 25 12:30:39 2009
From: dmeyer at tzi.de (Dirk Meyer)
Date: Sun, 25 Jan 2009 19:30:39 +0100
Subject: [jdev] Scope of current RFC3920 SASL implementation
In-Reply-To: <497CA174.7000101@indigo3.net> (Richard Smith's message of "Sun\,
	25 Jan 2009 18\:29\:24 +0100")
References: <497C8DFB.3080503@indigo3.net> <87mydf47vc.fsf@phex.sachmittel.de>
	<497CA174.7000101@indigo3.net>
Message-ID: <87hc3n44s0.fsf@phex.sachmittel.de>

Richard Smith wrote:
> Dirk Meyer wrote:
>> Thinking of web services connected over XMPP, this sounds useful. Maybe
>> we can define some sort of SASL in IQ stanzas. But this will be an
>> insecure connection. Maybe you want to use E2E security in this use
>> case.
>
> E2E secures the transport... SASL in IQ stanzas would authenticate the 
> user... This is my thinking at least...

Yes, but if we need authentication to make the transport secure, we need
to know that there is no man-in-the-middle. I guess TLS-SRP would work
perfect for you: the user provides a password with SRP and the peer
provides a certificate the user can check. Based on that the channel
will be secure.

If you only do SASL, you can not be sure that someone changes the data
after the SASL authentication. Maybe you don't need to if you trust the
XMPP servers involved.


Dirk

-- 
panic("kmem_cache_init(): Offsets are wrong - I've been messed with!");
	2.2.16 /usr/src/linux/mm/slab.c


From tjulien at limewire.com  Sun Jan 25 15:03:12 2009
From: tjulien at limewire.com (Tim Julien)
Date: Sun, 25 Jan 2009 16:03:12 -0500
Subject: [jdev] facebook jabber?
Message-ID: <497CD390.4090701@limewire.com>

anyone heard any updates on this?

http://developers.facebook.com/news.php?blog=1&story=110

-Tim


From justin-keyword-jabber.093179 at affinix.com  Sun Jan 25 15:49:15 2009
From: justin-keyword-jabber.093179 at affinix.com (Justin Karneges)
Date: Sun, 25 Jan 2009 13:49:15 -0800
Subject: [jdev] Scope of current RFC3920 SASL implementation
In-Reply-To: <87hc3n44s0.fsf@phex.sachmittel.de>
References: <497C8DFB.3080503@indigo3.net> <497CA174.7000101@indigo3.net>
	<87hc3n44s0.fsf@phex.sachmittel.de>
Message-ID: <200901251349.15477.justin-keyword-jabber.093179@affinix.com>

On Sunday 25 January 2009 10:30:39 Dirk Meyer wrote:
> If you only do SASL, you can not be sure that someone changes the data
> after the SASL authentication. Maybe you don't need to if you trust the
> XMPP servers involved.

It depends on the SASL mechanism.  With DIGEST-MD5, for example, you can have 
a mutually authenticated session with integrity protection (and encryption).

I think our e2e proposal should promote TLS + SASL EXTERNAL as the common 
case, but we should not require TLS and we should allow any SASL mechanism.  
This way, someone could create a password-based service running at a JID.

-Justin


From justin-keyword-jabber.093179 at affinix.com  Sun Jan 25 16:10:28 2009
From: justin-keyword-jabber.093179 at affinix.com (Justin Karneges)
Date: Sun, 25 Jan 2009 14:10:28 -0800
Subject: [jdev] facebook jabber?
In-Reply-To: <497CD390.4090701@limewire.com>
References: <497CD390.4090701@limewire.com>
Message-ID: <200901251410.28336.justin-keyword-jabber.093179@affinix.com>

On Sunday 25 January 2009 13:03:12 Tim Julien wrote:
> anyone heard any updates on this?
>
> http://developers.facebook.com/news.php?blog=1&story=110

http://bugs.developers.facebook.com/show_bug.cgi?id=3152

The latest word as of November is: "some people are working on this.  it will 
probably be done in a few months.  sorry the timeline isn't more clear."


From Dean at cognation.net  Sun Jan 25 19:41:35 2009
From: Dean at cognation.net (Dean Collins)
Date: Sun, 25 Jan 2009 20:41:35 -0500
Subject: [jdev] facebook jabber?
In-Reply-To: <200901251410.28336.justin-keyword-jabber.093179@affinix.com>
References: <497CD390.4090701@limewire.com>
	<200901251410.28336.justin-keyword-jabber.093179@affinix.com>
Message-ID: <3685A8FD247FA94C957C4304AB386A041A1432@cognationsvr1.Cognation.local>

What are people planning on doing with this?

I've got some initial thoughts but apart from setting status (which is a
minor feature of my app at the very most) so am curious if I'm missing
something.


Regards,

Dean Collins
Cognation Inc
dean at cognation.net
+1-212-203-4357   New York
+61-2-9016-5642   (Sydney in-dial).
+44-20-3129-6001 (London in-dial).

> -----Original Message-----
> From: jdev-bounces at jabber.org [mailto:jdev-bounces at jabber.org] On
Behalf Of
> Justin Karneges
> Sent: Sunday, 25 January 2009 5:10 PM
> To: Jabber/XMPP software development list
> Subject: Re: [jdev] facebook jabber?
> 
> On Sunday 25 January 2009 13:03:12 Tim Julien wrote:
> > anyone heard any updates on this?
> >
> > http://developers.facebook.com/news.php?blog=1&story=110
> 
> http://bugs.developers.facebook.com/show_bug.cgi?id=3152
> 
> The latest word as of November is: "some people are working on this.
it will
> probably be done in a few months.  sorry the timeline isn't more
clear."
> _______________________________________________
> JDev mailing list
> Forum: http://www.jabberforum.org/forumdisplay.php?f=20
> Info: http://mail.jabber.org/mailman/listinfo/jdev
> Unsubscribe: JDev-unsubscribe at jabber.org
> _______________________________________________


From dmeyer at tzi.de  Mon Jan 26 03:40:54 2009
From: dmeyer at tzi.de (Dirk Meyer)
Date: Mon, 26 Jan 2009 10:40:54 +0100
Subject: [jdev] Scope of current RFC3920 SASL implementation
In-Reply-To: <200901251349.15477.justin-keyword-jabber.093179@affinix.com>
	(Justin Karneges's message of "Sun\,
	25 Jan 2009 13\:49\:15 -0800")
References: <497C8DFB.3080503@indigo3.net> <497CA174.7000101@indigo3.net>
	<87hc3n44s0.fsf@phex.sachmittel.de>
	<200901251349.15477.justin-keyword-jabber.093179@affinix.com>
Message-ID: <87bptu4d7d.fsf@phex.sachmittel.de>

Justin Karneges wrote:
> On Sunday 25 January 2009 10:30:39 Dirk Meyer wrote:
>> If you only do SASL, you can not be sure that someone changes the data
>> after the SASL authentication. Maybe you don't need to if you trust the
>> XMPP servers involved.
>
> It depends on the SASL mechanism.  With DIGEST-MD5, for example, you can have 
> a mutually authenticated session with integrity protection (and encryption).

I did not know that.

> I think our e2e proposal should promote TLS + SASL EXTERNAL as the common 
> case, but we should not require TLS and we should allow any SASL mechanism.  
> This way, someone could create a password-based service running at a JID.

It may get things more complicated, but agree, it should be
considered. This seems to be the logical choise for communicating with
external (web) services.


Dirk

-- 
The three most dangerous things are a programmer with a soldering iron,
a manager who codes, and a user who gets ideas.


From stpeter at stpeter.im  Mon Jan 26 15:25:16 2009
From: stpeter at stpeter.im (Peter Saint-Andre)
Date: Mon, 26 Jan 2009 14:25:16 -0700
Subject: [jdev] X.509 clientAuth and serverAuth bits in s2s TLS
Message-ID: <497E2A3C.9080000@stpeter.im>

[Please send follow-ups to the security at xmpp.org list.]

In certificates used for web servers, it is possible to set the
clientAuth and serverAuth bits in certs offered by a browser or a web
server (respectively).

Life is a little more complicated in XMPP because an XMPP server can act
as a TLS client for server-to-server (s2s) connections. That is, the
XMPP server that initiates the s2s connection acts as a TLS client and
the XMPP server that receives the s2s connection acts as a TLS server.
Therefore an XMPP server can act as either a TLS client or a TLS server.

My question is: do any XMPP server codebases (or the TLS libraries they
use) depend on inclusion of the clientAuth or serverAuth bits in order
to function properly? The problem I foresee is that an XMPP server might
fail on an attempt to encrypt an s2s connection if the cert presented by
the peer server does not include the clientAuth or serverAuth bit.

Thanks!

/psa


From stpeter at stpeter.im  Mon Jan 26 16:31:22 2009
From: stpeter at stpeter.im (Peter Saint-Andre)
Date: Mon, 26 Jan 2009 15:31:22 -0700
Subject: [jdev] Oracle Beehive
Message-ID: <497E39BA.6040208@stpeter.im>

It seems that Oracle's Beehive suite contains support for XMPP:

http://www.oracle.com/technology/products/beehive/platform.html

http://download.oracle.com/docs/cd/E13789_01/bh.100/e13791/xmpp.htm

Doe anyone on this list have experience with this software?

/psa




From mateusz.bilinski at gmail.com  Wed Jan 28 12:21:35 2009
From: mateusz.bilinski at gmail.com (=?ISO-8859-2?Q?Mateusz_Bili=F1ski?=)
Date: Wed, 28 Jan 2009 19:21:35 +0100
Subject: [jdev] SleekXMPP, XEP-0004, XEP-0050 and sender JabberID
Message-ID: <60278bef0901281021g40d4b422w2e89d42fe5d78996@mail.gmail.com>

Hi.
Has anybody used SleekXMPP [1] (or SleekBot [2]) to handle forms with
XEP-0004 [3] (+ XEP-0050 [4])?

My question is how to get JID of sender in command handler - the only
thing that it gets is 'form' and 'sessionid' (and none of this can
point out to full jid of sender).

If received XML was available in handler it would be easy to access
JabberID (code: xml.attrib['from']). Commands handling (and arguments
passing) is in file sleekxmpp/plugins/xep_0050.py).

I understand this question is pretty specific, but maybe someone had
similar problem. Kev? :>

[1] http://code.google.com/p/sleekxmpp/
[2] http://code.google.com/p/sleekbot/
[3] http://xmpp.org/extensions/xep-0004.html
[4] http://xmpp.org/extensions/xep-0050.html

-- 
Regards,
Mateusz Bili?ski (vArDo)


From remko at el-tramo.be  Wed Jan 28 13:41:01 2009
From: remko at el-tramo.be (=?UTF-8?Q?Remko_Tron=C3=A7on?=)
Date: Wed, 28 Jan 2009 20:41:01 +0100
Subject: [jdev] SleekXMPP, XEP-0004, XEP-0050 and sender JabberID
In-Reply-To: <60278bef0901281021g40d4b422w2e89d42fe5d78996@mail.gmail.com>
References: <60278bef0901281021g40d4b422w2e89d42fe5d78996@mail.gmail.com>
Message-ID: <133fd4c60901281141x6b100813l545cff6312da1f9a@mail.gmail.com>

> Has anybody used SleekXMPP [1] (or SleekBot [2]) to handle forms with
> XEP-0004 [3] (+ XEP-0050 [4])?

Yes, it's even used in the book ;-)

> My question is how to get JID of sender in command handler - the only
> thing that it gets is 'form' and 'sessionid' (and none of this can
> point out to full jid of sender).

self.xmpp.plugin['xep_0050'].sessions[sessionId]['jid']

cheers,
Remko


From dereulenspiegel.3mrymn at no-mx.jabberforum.org  Thu Jan 29 06:33:12 2009
From: dereulenspiegel.3mrymn at no-mx.jabberforum.org (dereulenspiegel)
Date: Thu, 29 Jan 2009 13:33:12 +0100
Subject: [jdev] XEP-0174 (Link-local) support in Smack
References: <b6ae9fe90811262338q28dcdf85qc72ee4c34847968@mail.gmail.com>
	<b6ae9fe90812240145h5b5d7e1bxfed73c2d60d3809@mail.gmail.com>
Message-ID: <dereulenspiegel.3mrymn@no-mx.jabberforum.org>


Does anyone has a copy of this git repo? I tried to clone it but this
fails. I also tried to apply the patch he posted on ignite forums but
this patch seems to need a modified version of jmdns. Or does anyone
have a completely build and functional version if this?


-- 
dereulenspiegel
------------------------------------------------------------------------
dereulenspiegel's Profile: http://www.jabberforum.org/member.php?userid=17410
View this thread: http://www.jabberforum.org/showthread.php?t=1140



From mateusz.bilinski at gmail.com  Thu Jan 29 18:24:10 2009
From: mateusz.bilinski at gmail.com (=?ISO-8859-2?Q?Mateusz_Bili=F1ski?=)
Date: Fri, 30 Jan 2009 01:24:10 +0100
Subject: [jdev] SleekXMPP, XEP-0004, XEP-0050 and sender JabberID
In-Reply-To: <133fd4c60901281141x6b100813l545cff6312da1f9a@mail.gmail.com>
References: <60278bef0901281021g40d4b422w2e89d42fe5d78996@mail.gmail.com>
	<133fd4c60901281141x6b100813l545cff6312da1f9a@mail.gmail.com>
Message-ID: <60278bef0901291624y5aff9f44uefd4d367294c9753@mail.gmail.com>

On Wed, Jan 28, 2009 at 20:41, Remko Tron?on <remko at el-tramo.be> wrote:
>> Has anybody used SleekXMPP [1] (or SleekBot [2]) to handle forms with
>> XEP-0004 [3] (+ XEP-0050 [4])?
>
> Yes, it's even used in the book ;-)

Great to hear that. It's a really nice lib IMHO. :)

>> My question is how to get JID of sender in command handler - the only thing
>> that it gets is 'form' and 'sessionid' (and none of this can point out to
>> full jid of sender).
>
> self.xmpp.plugin['xep_0050'].sessions[sessionId]['jid']

Unfortunately, this does not work for me. I get KeyError (no 'jid').

Here's what's in my self.bot.plugin['xep_0050'].sessions[sessionID]:

{'next':
    <bound method memberbot.votingHandler of
		 <plugins.memberbot.memberbot object at 0x339fa90>>,
 'past':
		[(<sleekxmpp.plugins.xep_0004.Form object at 0x33c9a10>, None)]}

Item at 'next' key is my command handler. At 'past' I have Form object from
which I cannot however JID (as stated in previous posts). I get these at
breakpoint in my handler method.

These values are set in xep_0050.handler_command (or
xep_0050.handler_command_next) in xep_0050.py plugin file.

I think I've pretty much investigated all surroundings of 'sessions'
dictionary and I cannot find sender JID.

I've checked out latest SleekXMPP version from SVN to see whether I don't have
some old version, but the code is pretty much the same in that file.

Maybe I'm missing something?

Of course, I could add code to above metioned xep_0050 methods (patching
SleekXMPP), like this one (to make your code work):

self.sessions[sessionid]['jid'] = xml.attrib['from']

However, I want to avoid changing libs code locally. Other approach would be
patch SleekXMPP officially - I don't have anything against it, but (once
again) maybe I'm missing something :)

-- 
Regards,
Mateusz Bili?ski


From remko at el-tramo.be  Fri Jan 30 01:34:33 2009
From: remko at el-tramo.be (=?UTF-8?Q?Remko_Tron=C3=A7on?=)
Date: Fri, 30 Jan 2009 08:34:33 +0100
Subject: [jdev] SleekXMPP, XEP-0004, XEP-0050 and sender JabberID
In-Reply-To: <60278bef0901291624y5aff9f44uefd4d367294c9753@mail.gmail.com>
References: <60278bef0901281021g40d4b422w2e89d42fe5d78996@mail.gmail.com>
	<133fd4c60901281141x6b100813l545cff6312da1f9a@mail.gmail.com>
	<60278bef0901291624y5aff9f44uefd4d367294c9753@mail.gmail.com>
Message-ID: <133fd4c60901292334x683201dfj93030f086c277d41@mail.gmail.com>

> I've checked out latest SleekXMPP version from SVN to see whether I don't have
> some old version, but the code is pretty much the same in that file.

Ah, we are currently working with the Seesmic branch
(svn://netflint.net/sleekxmpp/branches/seesmic/sleekxmpp), although
this one could be a little buggy for you. Maybe that branch has the
'jid', and the others don't?

FYI, Fritzy is going to consolidate the branches soon.

cheers,
Remko


From mateusz.bilinski at gmail.com  Fri Jan 30 06:56:57 2009
From: mateusz.bilinski at gmail.com (=?ISO-8859-2?Q?Mateusz_Bili=F1ski?=)
Date: Fri, 30 Jan 2009 13:56:57 +0100
Subject: [jdev] SleekXMPP, XEP-0004, XEP-0050 and sender JabberID
In-Reply-To: <133fd4c60901292334x683201dfj93030f086c277d41@mail.gmail.com>
References: <60278bef0901281021g40d4b422w2e89d42fe5d78996@mail.gmail.com>
	<133fd4c60901281141x6b100813l545cff6312da1f9a@mail.gmail.com>
	<60278bef0901291624y5aff9f44uefd4d367294c9753@mail.gmail.com>
	<133fd4c60901292334x683201dfj93030f086c277d41@mail.gmail.com>
Message-ID: <60278bef0901300456kb4eb7ebueb458bb3230f9e0a@mail.gmail.com>

On Fri, Jan 30, 2009 at 08:34, Remko Tron?on <remko at el-tramo.be> wrote:
>> I've checked out latest SleekXMPP version from SVN to see whether I don't have
>> some old version, but the code is pretty much the same in that file.
>
> Ah, we are currently working with the Seesmic branch
> (svn://netflint.net/sleekxmpp/branches/seesmic/sleekxmpp), although
> this one could be a little buggy for you. Maybe that branch has the
> 'jid', and the others don't?

Yeap, you're right. Case solved. In seesmic branch there's an
additional line xep_0050.py file:

self.sessions[sessionid]['jid'] = xml.get('from')

So it's pretty similar to what I've wanted to add.

I've used trunk instead of seesmic (I didn't even know that this was
the most active branch), because SleekBot used it as external
SleekXMPP repo in it's trunk. :)

> FYI, Fritzy is going to consolidate the branches soon.

Great to hear that. For now I'll probably add the mentioned line to my
code as it will probably stay in merged code.

Many thanks, Remko :)

-- 
Regards,
Mateusz Bili?ski