[Standards] XMPP Council Minutes 2018-05-30

Sam Whited sam at samwhited.com
Wed Jun 6 16:54:15 UTC 2018


On Wed, Jun 6, 2018, at 11:30, Jonas Wielicki wrote:
> I see that the IQ-based pre-auth flow is an issue, and integrating this in 
> SASL2 or something is probably the better way to handle this. However, this 
> also needs to work pre- or during IBR in some way.

Yes, this makes sense; I can see why we'd need some other mechanism for updates. I'd be okay with saying "just kill the connection when the deadline is reached" (server operators can always send advance notices, triggering notifications if they're worried about users not noticing that their connection dropped, or be smart about the last time the user sent a message, the last itme they sent a CSI active, etc.), but if a simple way can be devised doing an IQ or something seems sensible too and will probably lead to a nicer experience for the user.

> I am hesitant to base anything on SASL2 with the current state of deployment 
> there.

"SASL2 can be GDPR compliant" seems like a good way to get implementation experience.

> I also accept the criticism I got from other folks (Kev I think, but don’t 
> quote me on that) that the Ad-Hoc workflow looks out of place. I’ll work on 
> that, but first I want to be on the same page with you, Sam, because I don’t 
> want to waste more time on a spec which will be -1'd.

The only difference is that I don't think we want things in experimental that we know are going to be rewritten anyways. Naturally I'd need to see the new thing before deciding if it should be advanced.

—Sam


More information about the Standards mailing list