[JDEV] Distributed Authentication - thoughts people?
Max.Metral at PeoplepcHQ.com
Mon Oct 1 12:02:38 CDT 2001
Never say never... Isn't that phase 2 of the IM Interop efforts, to allow
server to server interop? I would think it WILL happen, just not on any
time schedule other than market pressure.
From: Michael Hearn [mailto:mhearn at mailandnews.net]
Sent: Friday, September 28, 2001 2:13 PM
To: jdev at jabber.org
Subject: Re: [JDEV] Distributed Authentication - thoughts people?
First, let's sort out a misconception for Jay Curry:
Yes, the way chat network compatability is implemented in Jabber might
be called a fudge but it is in fact the best anyone will ever get. You
must always have an account on the other IM networks for very simple
reasons - say the MSN network assumes you have an account with it. It's
not possible to send messages to people without being logged in to MSN,
and it's not possible to login to MSN without an account. Ditto for all
the other platforms. You will never ever be able to remove that requirement.
Adam: yes I am well aware of the difference between authorization and
authentication, I have put a note to this effect in the JEP I am writing
now. I think the proposed protcols will deal with both, but separately
so there is no confusion.
Finally, I don't think this should be part of the security JIG. Security
and authentication are two different things. Security is about ensuring
that the network is hacker-proof, and that communications are properly
encrypted amongst other things. Authentication is about verifying
identity. They do overlap in some areas, but I do think that this needs
its own JIG.
jdev mailing list
jdev at jabber.org
More information about the JDev