[Council] ping

Joe Hildebrand JHildebrand at jabber.com
Wed Jun 11 15:20:56 CDT 2003

77: +1, but I'd prefer if there was a JEP-68 FORM_TYPE specified for the
x:data form, with username, password, etc. registered with the Jabber
Registrar.  I suppose I'm ok with that happening separately, though.

78: -1.  
- There needs to be a digest example
- This phrase is unclear after example 3:
"(note that any non-ASCII characters MUST be properly escaped)."  Escaped
how?  &x0000;?  Shouldn't UTF-8 be good enough?  
- When can error 409 happen?  There probably needs to be some narrative on
example 6.
- Under security considerations, there needs to be a reference to the
upgrade attack.  If the client speaks plaintext but the server doesn't, a
man-in-the-middle can trick the client into revealing the plaintext
password, so clients SHOULD NOT implement plaintext, in particular.

> -----Original Message-----
> From: Peter Saint-Andre [mailto:stpeter at jabber.org] 
> Sent: Thursday, June 05, 2003 9:17 AM
> To: council at jabber.org
> We have several outstanding issues:
> 1. Vote on JEP-0077 (announced June 3, ends June 13, no votes 
> so far) 2. Vote on JEP-0078 (announced June 3, ends June 13, 
> no votes so far) 3. Motion for last call on JEP-0047 (IBB)?
> 4. Motion for last call on JEP-0068 (Field Standardization)?
> 5. We have a vacancy -- do we want/need to fill it?
> I'm wondering if it would be productive to have a meeting 
> sometime soon.
> Peter
> --
> Peter Saint-Andre
> Jabber Software Foundation
> http://www.jabber.org/people/stpeter.php
> _______________________________________________
> Council mailing list
> Council at jabber.org
> http://mailman.jabber.org/listinfo/council

More information about the Council mailing list