[standards-jig] Small Footprint Clients and Authentication

Tijl Houtbeckers thoutbeckers at splendo.com
Fri May 30 01:15:31 UTC 2003

Evan Prodromou <evan at prodromou.san-francisco.ca.us> wrote on 30-5-2003 
>I think the root of the problem here is that the XMPP's requirement
>that DIGEST-MD5 authentication MUST be supported should be downgraded
>to a SHOULD. This would allow small-footprint clients to use plaintext
>passwords within the framework of XMPP.

I was indeed under the misimpression that it was SASL that required 
DIGEST-MD5, but once I started looking closer to both the SASL and XMPP 
specs I noted this is not the case. Rob is gonna bring it up with the 
XMPP group. From looking at the SASL documents so far, it will 
definatly take more code as the old iq:auth to do SASL-PLAIN, but 
ofcourse less codesize increase than DIGEST-MD5 would bring. 

Tijl Houtbeckers
Software Engineer @ Splendo
The Netherlands

More information about the Standards mailing list