[Standards] XEP-0305: XMPP Quickstart

Florian Schmaus flo at geekplace.eu
Tue Sep 22 16:56:20 UTC 2015


On 22.09.2015 17:52, Peter Saint-Andre - &yet wrote:
> XEP-0305 was originally written to satisfy some requirements among a
> team that had concerns about the number of round trips needed to
> establish an XMPP session. That team no longer exists. As the author, I
> also have serious reservations about the spec, not limited to the issue
> that Thijs Alkemade recently raised: https://github.com/xsf/xeps/issues/69
> 
> Therefore I am seriously considering a request to change the state of
> this document to Retracted.
> 
> Before doing so, I would like to know if anyone on this list has
> implemented this quickstart method, or is seriously considering such an
> implementation.

Although I also suffer from XMPP's multiple round trips at login, I
don't think the Quickstart approach is a good one. It is error prone and
has interesting corner cases, as Thijs's PR shows. And it is also not
easy to implement for clients and servers: I was looking into
implementing this in Smack and Openfire and found that it would require
fundamental modifications. Of course, it could be possible that it is
easier to implement if someone adds Quickstart support right from the
start to its XMPP stack, or that some other existing XMPP stacks make it
easier to add Quickstart support.

The solution I have in mind is *Quickresume*: Based on xep198, servers
simply hand out a secure token which clients can use to quickly resume a
stream by just sending a single TLS-secured Quickresume Nonza to the
server. The TLS handshake is done right away, no starttls involved. Of
course this still means multiple roundtrips for the initial login, but I
don't think this is a problem nowadays. I've some more technical notes
about this here, in case someone is interested. I also wanted to
(Proto)XEP this, but was not able to allocate the time yet.

- Florian


-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 603 bytes
Desc: OpenPGP digital signature
URL: <http://mail.jabber.org/pipermail/standards/attachments/20150922/6f9ec056/attachment.sig>


More information about the Standards mailing list