[jdev] OAuth and XMPP

Peter Saint-Andre stpeter at stpeter.im
Mon Jul 28 11:39:34 CDT 2008


Sylvain Hellegouarch wrote:
> Peter Saint-Andre a écrit :
>> Sylvain Hellegouarch wrote:
>>> Hi all,
>>>
>>> Following Peter last blog note [1] and XEP-0235, I'm pleased there is a
>>> formal definition on how to couple OAuth with XMPP but I'm somewhat
>>> disconcerted by the fact that the definition is per XMPP service. Why?
>>> XEP-035 specifies for a few of them (PubSub, MUC and Registration) but 
>>> I'm
>>> wondering if that wouldn't have made more sense to define a service on 
>>> its
>>> own.
>> Do you mean that an XMPP server could offer a generalized OAuth service 
>> for use by things like pubsub components, MUC components, and the XMPP 
>> server itself?
> 
> Yes.

Could you expand a bit on what you mean by that? I don't think XEP-0235 
(which I'm currently updating to reflect our discussions in Portland) 
disallows a standalone OAuth service that's used by servers and 
components, but that model seems to be a bit more sophisticated and complex.

/psa


-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/x-pkcs7-signature
Size: 7338 bytes
Desc: S/MIME Cryptographic Signature
URL: <http://mail.jabber.org/pipermail/jdev/attachments/20080728/fe3cd8a9/attachment-0002.bin>


More information about the JDev mailing list