[Standards] Authentication via XMPP (Concern over XEP-70)
anders conbere
aconbere at gmail.com
Mon Jan 7 20:16:36 CST 2008
On Jan 7, 2008 4:35 PM, Guenther Niess <niess at uni-potsdam.de> wrote:
> Hello,
> I'm a student and within a project at the university I want to
> implement the XEP-0070 [1] as a SASL mechanism [2]. So other
> protocols for example imap or pop3 can easily use the authentication
> scheme.
>
> I've noticed the discussion about XEP-70 on December 20007 [3] and I
> think it would be great if we can combine the XEP-70 (for all users
> who are online with their jabber client) and the http digest way
> (like OpenID) which was proposed by Anders Conbere.
>
> I'm not really sure if I have understood the XEP-0070 correctly.
> If it possible to confirm a message request with a client that don't
> understand the 'http://jabber.org/protocol/http-auth' namespace?
> I think in the XEP only clients are on focused which understand
> the namespace and the behavior of the server which receive a message
> with ok in the body and no confirm element is undefined.
I don't think I follow this paragraph, can you explain it for me?
~ Anders
>
> So I think a good solution for http authentication is the XEP-70 when
> it is clear that all users that are online can confirm the request
> and for others they are redirected to the XMPP server and can
> authenticate themself via user credentials.
>
>
> --
> Günther Nieß
>
> [1] http://www.xmpp.org/extensions/xep-0070.html
> [2] http://tools.ietf.org/html/rfc4422
> [3] http://mail.jabber.org/pipermail/standards/2007-December/017406.html
>
More information about the Standards
mailing list