[Standards] Proposed XMPP Extension: Remote Authentication
waqas20 at gmail.com
Thu Dec 2 14:50:46 UTC 2010
On Thu, Dec 2, 2010 at 7:54 AM, XMPP Extensions Editor <editor at xmpp.org> wrote:
> The XMPP Extensions Editor has received a proposal for a new XEP.
> Title: Remote Authentication
> Abstract: This document defines an XMPP protocol extension that enables entities to use SASL for authentication with remote services (such as Multi-User Chat rooms).
> URL: http://www.xmpp.org/extensions/inbox/remote-auth.html
> The XMPP Council will decide at its next meeting whether to accept this proposal as an official XEP.
1. The SASL mechanisms list can be sent back in the presence error,
avoiding a round trip.
2. The presence after authentication need not be sent. On successful
auth, the initially sent presence can be used, avoiding a round trip.
3. What the authentication identity looks like is undefined. I'm not
sure if this is good or bad.
4. The error condition is 'sasl-required'. Does this imply that normal
MUC password auth should fail, even with a correct password?
And finally, an implementation:
The linked implementation works with Prosody trunk, and verifies that
the user knows the room password. This would be far more interesting
with some per-user credentials.
More information about the Standards