[standards-jig] Small Footprint Clients and Authentication
thoutbeckers at splendo.com
Fri May 30 00:45:16 UTC 2003
Robert Norris <rob at cataclysm.cx> wrote on 30-5-2003 2:34:16:
>> >> 11.5 Mandatory to Implement Technologies
>> >Key word is "implement". In order to be considered compliant, a
>> >server myst implement DIGEST-MD5. If I'm an administrator, I don't
>> >have to make it available to clients.
>> OK, maybe I missed something. This part of the spec is only for
>> servers? (still, to be required to implement something you'll never
>You make a good point - didn't think of clients when reading this.
>Perhaps implementing DIGEST-MD5 should be a MUST requirement for
>servers, and a SHOULD requirement for clients? Same for the TLS stuff.
>That way, a client can not implement something if it doesn't work for
>its particular circumstances?
>I'll raise this on the XMPP working group list.
That was my suggestion, that is.. I didn't really think of servers when
reading this. *cough* I wonder why we look at those docs so differently.
SASL will be a lot easyer to do if I'm no longer forced to implement
DIGEST-MD5. Not that I would when anyway I have better alternatives,
but I'd still be nice to call my client XMPP compatible. I suppose, for
servers codesize is not so much an issue anymore, not for relativly
"small" things like MD5 anyway. That could stay a MUST for all I care.
Software Engineer @ Splendo
More information about the Standards