[Standards-JIG] Expiration of JEP-0078

[Peter Saint-Andre]

JEP-0078 (Non-SASL Authentication) is due to expire on 2006-09-23.

As noted in the JEP, this means that the specification was advanced to
Final with the understanding that the Jabber Council would revisit it
every six months and decide whether to change its status to Deprecated
or extend the expiration date for another 6 months.

Given that RFC 3920 (which specifies SASL authentication) was published
on 2004-10-04 and that a number of existing clients now successfully
implement SASL authentication, I think it is now appropriate to
deprecate the older non-SASL authentication method, which we can
consider part of "XMPP 0.9".

Deprecating JEP-0078 would not mean that production servers could not
deploy the 'jabber:iq:auth' method, only that the Jabber Software
Foundation now considers that method to be out of date and recommends
implementation and deployment of SASL authentication instead.

If JEP-0078 is changed to Deprecated, it could remain in that state
indefinitely. However, JEP-0001 requires that the Jabber Council would
continue to revisit the JEP every 6 months and decide whether to change
its status to Obsolete or extend its expiration date (from Deprecated to
Obsolete) for another 6 months.

My opinion is that it is now appropriate to deprecate JEP-0078. However,
I would like feedback from members of this list as input to the
Council's decision on this issue, which is planned to occur in its
meeting on 2006-09-13.

Thanks.

Peter

-- 
Peter Saint-Andre
Jabber Software Foundation
http://www.jabber.org/people/stpeter.shtml

-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/x-pkcs7-signature
Size: 7358 bytes
Desc: S/MIME Cryptographic Signature
Url : http://mail.jabber.org/pipermail/standards/attachments/20060830/e877c653/smime.bin