[Standards-JIG] proto-JEP: Best Practices for Implementation of SASL ANONYMOUS

Vinod Panicker vinod.p at gmail.com
Sat Feb 4 04:12:16 UTC 2006


On 2/3/06, Mickael Remond <mickael.remond at process-one.net> wrote:
> * JEP Editor <editor at jabber.org> [2006-01-24 23:42:10 -0600]:
>
> > The JEP Editor has received a proposal for a new JEP.
> >
> > Title: Best Practices for Implementation of SASL ANONYMOUS
> >
> > Abstract: This document specifies best practices for implementation of
> > the SASL ANONYMOUS mechanism in the context of client authentication
> > with an XMPP server.
>
> I have a question regarding implementation practices: does it make sense
> to allow to mix anonymous temporary users and named users on the same
> virtual host ?
> This is an open question, as I have a mixed feeling about this question.

It really depends on where its going to be use.  I have a scenario
where its necessary to allow both anonymous and named users.  If a
server does support anonymous logins, it should have some kind of
authorization framework that decides what privileges anonymous users
will have.

Regards,
Vinod.



More information about the Standards mailing list