[Standards] guest access
zash at zash.se
Fri Jun 26 14:58:36 UTC 2015
fre jun 26 16:45:56 2015 GMT+0200 skrev Peter Saint-Andre - &yet:
> >> Sure, you need to do the SRV two-step.
> > I'm not sure I understand completely, then. Are you proposing that the
> > target of the SRV record is the XMPP host (and thus ignore the port?)?
> I'm not sure I understand completely either. :-)
> We'll probably do something like this:
> _xmpp-client._tcp.talky.io. 400 IN SRV 20 0 5222 auth.talky.io
> _xmpp-guest._tcp.talky.io. 400 IN SRV 20 0 5222 anon.talky.io
> Naturally the ports might not be 5222 and such, but the general idea is
> that we want to point guest users at a different auth service. By "SRV
> two-step" I mean that the client would still need to resolve
> auth.talky.io or anon.talky.io in the normal ways (we're not necessarily
> going to point directly to what in draft-ietf-dane-srv we called the
> "connection endpoint").
Surely there must be something more appropriate? Eg PTR or such.
Or you might advertise something in-band.
Or why not advertise SASL ANONYMOUS and bind then in a different host? So that you connect to example.com but are given a jid on anon.example.com during resource binding.
More information about the Standards