[Standards] guest access

Kim Alvefur zash at zash.se
Fri Jun 26 14:58:36 UTC 2015


fre jun 26 16:45:56 2015 GMT+0200 skrev Peter Saint-Andre - &yet:
> >> Sure, you need to do the SRV two-step.
> >
> > I'm not sure I understand completely, then. Are you proposing that the
> > target of the SRV record is the XMPP host (and thus ignore the port?)?
> 
> I'm not sure I understand completely either. :-)
> 
> We'll probably do something like this:
> 
>     _xmpp-client._tcp.talky.io. 400 IN SRV 20 0 5222 auth.talky.io
>     _xmpp-guest._tcp.talky.io. 400 IN SRV 20 0 5222 anon.talky.io
> 
> Naturally the ports might not be 5222 and such, but the general idea is 
> that we want to point guest users at a different auth service. By "SRV 
> two-step" I mean that the client would still need to resolve 
> auth.talky.io or anon.talky.io in the normal ways (we're not necessarily 
> going to point directly to what in draft-ietf-dane-srv we called the 
> "connection endpoint").

Surely there must be something more appropriate? Eg PTR or such. 

Or you might advertise something in-band.

Or why not advertise SASL ANONYMOUS and bind then in a different host? So that you connect to example.com but are given a jid on anon.example.com during resource binding. 

--
Kin Alvefur


More information about the Standards mailing list