[standards-jig] In-Band Registration and DoS protection

Julian Missig julian at jabber.org
Thu Jan 15 18:39:20 UTC 2004

On 15 Jan, 2004, at 13:08, Tomasz Sterna wrote:

> W liście z śro, 14-01-2004, godz. 22:23, Thomas Muldowney pisze:
>> Really?
> Unfortunately.
> They have the option (or even Wizard) to register during client setup,
> but it does not work... They complain.
>> A lot of the other networks use web based interfaces to sign
>> up for user accounts.
> :-) I cannot name even one.
> Maybe I don't know that many. Poland is very specific with IM.

AIM, ICQ (it has both), MSN, Yahoo!.. any of those ring a bell?

I do think web-based registration is the way to go. I no longer trust 
client developers to be able to come up with a decent way to register, 
and so much more could be done. We only need to develop *one* web-based 
registration system on jabber.org.. that could register with any server 
the user chooses (we could even give them a much easier way to choose 
than currently exists in clients). See, the web site can just use the 
In-Band Registration that clients currently use--that means it can 
connect to *any* server which supports that or any future protocol for 
registration and deal with it appropriately. People who want to could 
install this system elsewhere, but it's not like every server needs to 
have a web site.

I think that a really concerted effort spent *once* to develop a really 
really good web-based registration system could help us a lot in the 
long run. Just think of all of the additional checks and server choices 
and things like that that could be built in. It's a level of complexity 
that we do not want to have to stick in clients--most clients refer to 
a web site with a list of servers anyway!

A single page to go to to register for any Jabber server would also 
help Jabber's image with the general public--it will feel more 
centralized and friendly to use any server. Businesses and the like can 
install the web registration internally or just use/develop clients 
that do IBR as it currently exists...


More information about the Standards mailing list