[standards-jig] auth & reg redux
stpeter at jabber.org
Fri May 30 16:48:20 UTC 2003
Hmm, further questions arise.
1. Should these JEPs remain standards-track? We made them
standards-track so that we could include them in our protocol
compliance testing suite (JEP-0073). Is that reasoning still
valid? I think so, but I'm not 100% sure now.
2. It seems odd to advance a protocol to Draft when we know that it
will be deprecated and then made obsolete on a fairly well-known
My feeling is that we make these standards-track, with a review every
six months to determine if they should be deprecated. But I'm open to
On Fri, May 30, 2003 at 11:33:06AM -0500, Peter Saint-Andre wrote:
> So it seems like this "esecret" and "edigest" stuff was premature. I'm
> going to remove that content from JEPs 77 and 78 respectively. I'm also
> going to add information about deprecating these protocols. Well, at
> least for jabber:iq:auth. Any thoughts on deprecating jabber:iq:register
> as well? It does seem woefully insecure, so my feeling is that we would
> do best to put both of these protocols on a schedule for review and
> potential deprecation by the Council -- every six months seems to be
> about right.
More information about the Standards