[Standards] XMPP client-centric? [was: Decloaking and Temporary Subscriptions]

Jason Eacott jason at hardlight.com.au
Fri Jan 22 01:08:17 UTC 2010



Joe Hildebrand wrote:
> On 1/21/10 4:06 AM, "Jason" <jason at hardlight.com.au> wrote:
> 
>> if xmpp supported some extra (pluggable, extensible) auth scheme
>> then this could be mitigated.
> 
> You want something more pluggable and extensible than SASL?

no this is not about replacing any such protocols.

>> I dont know how to send stanzas from a component as an arbitrary user
>> from an account of another domain. please tell me how! this is exactly
>> what I need. (in my experience the stanza is sent but the recipient
>> server rejects it, as it should).
> 
> The messages are rejected because they are spam.  Why do you want to
> impersonate people in another security domain?  I can't think of a reason
> that's not evil.

Oauth is all about impersonating other users, thats all it does!, are 
you suggesting there are no usecases for Oauth?




More information about the Standards mailing list