[Standards] Re: securing in-band registration
gnauck at ag-software.de
Thu Jul 19 06:28:14 UTC 2007
> Part of the solution is requiring x:data forms for registration. Yes, as
> Matthias pointed out this will make life difficult for existing clients.
> So we need to define a transition strategy. Clearly define how the
> x:data-only registration works and set some goals for deprecating the
> old way of doing things.
don't think that clients are a problem. Once this is implemented in the
first servers we will see it also in clients. At least this it what
always happened in the past.
> If we support media-in-forms (e.g. CAPTCHAs) we may have even stronger
> weapons. See XEP-0221 for the media element definition (recently moved
> from XEP-0158).
i agree, media-in-forms and CAPTCHAs is the way to go. And with that we
are also prepared for new technologies. Because there exist decoders for
the most CAPTCHAS today.
More information about the Standards