[Standards-JIG] Re: [jdev] Re: Two questions regarding JEP-0124 HTTP Binding

Peter Saint-Andre stpeter at jabber.org
Fri Nov 18 22:57:46 UTC 2005


(Moving this to standards-jig at jabber.org since it has morphed from 
questions about implementing JEP-0124 to protocol definition. See 
http://mail.jabber.org/pipermail/jdev/2005-November/022404.html for the 
earlier messages in the thread.)

Ian Paterson wrote:
>> Hmm. So I could connect with my Jabber client to a JEP-0124 
>> proxy that would enable me to authenticate directly with,
>> say, an IRC server or SIMPLE server?
> 
> The intention was only to enable *XML* protocols. For example, (future,
> proprietary) non-XMPP AJAX implementations that need to emulate the
> functionality of a TCP connection over HTTP could reuse code from
> JEP-0124 clients and proxies.

Wouldn't they just use XMPP?

> I'm not expecting this to happen, because I believe XMPP will become
> very successful. However, we can enable this for one of our possible
> futures without any real impact on the protocol.

In general we don't like to design for things that might happen 5 years 
from now (or never). :-)

> Like I said, I don't feel strongly about the "xmpp:". I'm just
> explaining the origins.

Sure, understood.

Just thinking aloud here....

Let's say I connect to http://proxy.saint-andre.com/ (my personal HTTP 
binding proxy) and I use it to log in to my stpeter at jabber80.com account 
  at port 443 rather than 5222. So we're currently saying that I would 
tell my proxy this:

   route='xmpp:jabber80.com:443'

Which we hope means "connect to jabber80.com over a TCP connection on 
port 443 and expect to communicate via XMPP, pretty please" but in fact 
  (per Section 2.8 of draft-saintandre-xmpp-iri) means "connect to your 
usual XMPP server and generate an XMPP stanza based on application 
inputs and then send that stanza to jabber80.com and gosh I don't know 
what you're supposed to do with this port but try to look intelligent, 
will you?".

Yet if this is a true proxy then what I really need to tell it is 
"authenticate as my XMPP account on jabber80.com" which would be:

   route='xmpp://stpeter@jabber80.com'

Note the presence of the authority component (everything after "//"), 
which tells the proxy to log in as me. However, because currently there 
is no way to specify in an XMPP URI that I want the proxy to 
authenticate as me and use a specific port, the proxy would do the usual 
SRV lookups, resulting in failed authentication if jabber80.com didn't 
have SRV records defined since the proxy would try the SRV lookups, not 
find port 443, and default to 5222).

So as far as I can see our use XMPP URIs here is wrong. I'd need to 
specify an authority component with my bare JID rather than the JID of 
the destination server, and I'd need to include a port (which is not 
currently part of the XMPP URI spec), as follows:

   route='xmpp://stpeter@jabber80.com:443'

If we add the port to the XMPP URI scheme (I'm not deeply opposed to 
that), we would specify that if there is no port, connect via the usual 
XMPP methods as specified in RFC 3920, and if there is a port then 
connect using the RFC 3920 methods but do so on the specified port 
rather than by doing the SRV lookups (which is essentially there as a 
kind of legacy support for deployments that aren't smart enough to have 
SRV records). I'm not sure how our IETF friends would feel about adding 
the port to the XMPP URI format since it's really there for domains that 
can't or won't do SRV, it seems.

Have I missed anything?

Peter

-- 
Peter Saint-Andre
Jabber Software Foundation
http://www.jabber.org/people/stpeter.shtml
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/x-pkcs7-signature
Size: 3641 bytes
Desc: S/MIME Cryptographic Signature
URL: <http://mail.jabber.org/pipermail/standards/attachments/20051118/459b2bb1/attachment.bin>


More information about the Standards mailing list