[Standards] XMPP OAuth2 login at Google
stpeter at stpeter.im
Tue Sep 18 17:51:58 UTC 2012
-----BEGIN PGP SIGNED MESSAGE-----
On 9/18/12 11:25 AM, Hannes Tschofenig wrote:
> On 09/18/2012 08:21 PM, Peter Saint-Andre wrote:
>>> (Btw, the current XMPP OAuth XEP is also insecure...)
>> Calling it "current" is a bit of a stretch.:) It was deferred
>> for inactivity quite some time ago. At this point, any use of
>> OAuth in XMPP would likely be based on the SASL mechanism.
> I didn't know.
Well, Hannes, you can't know everything. ;-)
> I even thought that it covered an entirely different use case,
> namely between two endpoints rather than between the end host and
> the XMPP server (whatever the right XMPP terminology here is).
True, but it seems that few people are interested in those use cases
(e.g., using OAuth for authorization to join a chatroom).
-----BEGIN PGP SIGNATURE-----
Version: GnuPG/MacGPG2 v2.0.18 (Darwin)
Comment: Using GnuPG with Mozilla - http://www.enigmail.net/
-----END PGP SIGNATURE-----
More information about the Standards