[Standards] Account Management protoXEP
Kurt.Zeilenga at Isode.COM
Wed Sep 21 17:42:35 UTC 2011
On Sep 21, 2011, at 8:53 AM, Dave Cridland wrote:
> Registration does indeed pose a problem - I see three strategies for dealing with it:
I think registration is divorce-able from management of existing accounts, and should be divorced.
I suspect there is little actual demand from deployers for In-XMPP registration. Most folks are likely to use some sort of out-of-band method to provision users… even public XMPP services are likely to use web-based provision.
I rather we worry more about user management of their existing account.
> a) We avoid the issue entirely. This is probably the sensible option - it's conceptually distinct from other areas of account management in any case.
> b) We use stream features or pre-auth IQ. Neither are, to my mind, terribly palatable.
> c) We use anonymous authentication to the server (or its delegated account management service) and then use fairly ordinary <iq/>s. This seems to fit neatly into the design of XMPP.
> For both account management and registration, using the ad-hoc framework seems most sensible - it would allow us maximum flexibility as well as near-instant deployment.
> If this seems like a good starting point, then I'm perfectly happy to write this up, and equally happy if someone else wants to.
> Dave Cridland - mailto:dave at cridland.net - xmpp:dwd at dave.cridland.net
> - acap://acap.dave.cridland.net/byowner/user/dwd/bookmarks/
> - http://dave.cridland.net/
> Infotrope Polymer - ACAP, IMAP, ESMTP, and Lemonade
More information about the Standards