[Standards] XMPP OAuth2 login at Google

Hannes Tschofenig hannes.tschofenig at gmx.net
Tue Sep 18 17:25:24 UTC 2012


On 09/18/2012 08:21 PM, Peter Saint-Andre wrote:
>> (Btw, the current XMPP OAuth XEP is also insecure...)
> Calling it "current" is a bit of a stretch.:)  It was deferred for
> inactivity quite some time ago. At this point, any use of OAuth in
> XMPP would likely be based on the SASL mechanism.

I didn't know.

I even thought that it covered an entirely different use case, namely 
between two endpoints rather than between the end host and the XMPP 
server (whatever the right XMPP terminology here is).




More information about the Standards mailing list