[jdev] OAuth and XMPP
nathanfritz at gmail.com
Mon Jul 28 15:58:33 CDT 2008
On Mon, Jul 28, 2008 at 9:56 AM, Sylvain Hellegouarch <sh at defuze.org> wrote:
> Peter Saint-Andre a écrit :
> > Sylvain Hellegouarch wrote:
> >> Peter Saint-Andre a écrit :
> >>> Sylvain Hellegouarch wrote:
> >>>> Hi all,
> >>>> Following Peter last blog note  and XEP-0235, I'm pleased there is
> >>>> formal definition on how to couple OAuth with XMPP but I'm somewhat
> >>>> disconcerted by the fact that the definition is per XMPP service. Why?
> >>>> XEP-035 specifies for a few of them (PubSub, MUC and Registration)
> >>>> but I'm
> >>>> wondering if that wouldn't have made more sense to define a service
> >>>> on its
> >>>> own.
> >>> Do you mean that an XMPP server could offer a generalized OAuth
> >>> service for use by things like pubsub components, MUC components, and
> >>> the XMPP server itself?
> >> Yes.
> > Could you expand a bit on what you mean by that? I don't think XEP-0235
> > (which I'm currently updating to reflect our discussions in Portland)
> > disallows a standalone OAuth service that's used by servers and
> > components, but that model seems to be a bit more sophisticated and
> > complex.
> > /psa
> Right. I can see it would indeed make it more complex and would prevent
> the solution to be implemented and deployed reasonnably soon.
> However I didn't mean your XEP was forbidding a standalone service,
> perhaps a note in that spirit would make it clear that indeed you can
> write such service.
> - Sylvain
Peter and I discussed an iq packet with the oauth namespace being used to
establish trust for a JID permanently. Is that still going to be included
as an option?
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the JDev