[standards-jig] auth & reg redux

Tijl Houtbeckers thoutbeckers at splendo.com
Fri May 30 18:38:03 UTC 2003


Peter Saint-Andre <stpeter at jabber.org> wrote on 30-5-2003 19:02:17:
>
>On Fri, May 30, 2003 at 11:54:49AM -0500, Matt Tucker wrote:
>> 
>> I know that we have SASL to replace auth, but is there something in 
>> the pipeline to replace register? Also, register is probably secure 
>> enough *if* you're using TLS. :)
>
>We *could* have something to replace register (probably using x:data),
>but we don't right now. Shouldn't be that hard to cook something up.
>

With edigist we made it possible to register without exposing your 
password to the server. If MD5-Digest really is simular to what edigest 
was going to be, it should be possible to do the same. However, I doubt 
that would be possible "plain" x:data. If iq:register is going to be 
deprecated we better have something to replace it! 

-- 
Tijl Houtbeckers
Software Engineer @ Splendo
The Netherlands




More information about the Standards mailing list