[standards-jig] Re: JEP-0070 & JEP-0101

Bart van Bragt jabber at vanbragt.com
Fri Jun 27 01:54:45 UTC 2003

:\ Come on people. We all just want to have something workable here. If 
I understand this correctly then Matthew is just annoyed with the fact 
that Richard didn't contact him. I have to say that I can understand 
that. We are not competing with each other here. We're trying to create 
JEP's that actually work and that will actually get accepted. IMO it 
would have been better if everyone just voiced their problems with 
JEP-0070 after which Matthew could either say 'hey, thanks! Good point' 
or 'Hmm, indeed, but that's out of the scope of JEP-0070'. In the last 
case there would have been a reason for the creation of JEP-0101 but IMO 
Matthew wants the same thing as Richard.

Anyway.. On with the technical stuff :D

I haven't been able to really dig into the HTTP-auth specs yet so it 
could be that I'm going to be talking complete nonsense here (could also 
be related to the fact that it's approx 4am here) :D

I have a few concerns with both JEPs:

- The HTTP server has to be able to either talk with a Jabber bot or it 
needs to be running some Jabber bot. Most website owners are not allowed 
to run any bots. They can, however, send Jabber messages pretty easily. 
IMO it would be much prefered if the HTTP server only had to send Jabber 
messages. i.e. it could send an accept-token to a JID after which the 
Jabber client delivers this token to the webbrowser. Problem with this 
is that the HTTP server doesn't know what JID it should send the token 
to. But maybe the whole bot problem can be solved with WCS (If it ever 
gets resurrected).

- In both protocols there is nothing about the integration with Web 
browsers. How are the browsers going to be communicating with the Jabber 
client? IMO it would be smart to at least conceptualize this, just to 
make sure we are not overseeing something trivial..

It's going to take quite a while before there will be usable plugins (or 
whatever) for webbrowsers, also because these plugins will need to be 
able to communicate with a large amount of clients. Therefore it would 
be nice if the website could present the user with the normal 
'HTTP-AUTH' user/pass dialog where the user can fill in his/her JID and 
the token that got send to their Jabber account. This could drastically 
reduce the time that is needed before this JEP becomes useful in real life.

Thanks for listening :D


More information about the Standards mailing list