[Standards] Feedback to Compliance Suites 2020

JC Brand lists at opkode.com
Thu Oct 10 07:59:51 UTC 2019


On Wed, Oct 09, 2019 at 09:13:59PM +0200, Jonas Schäfer wrote:
> On Mittwoch, 9. Oktober 2019 21:01:18 CEST JC Brand wrote:
> > On Wed, Oct 09, 2019 at 05:24:49PM +0200, Georg Lukas wrote:
> > > * Evgeny <xramtsov at gmail.com> [2019-10-09 17:08]:
> > > > I would like to see BOSH dropped and moving the XEP to historical or
> > > > deprecated state, because I see zero advantages over Websockets now
> > > > (supporting both XEP-0198 and BOSH makes no sense at all).
> > > 
> > > there is still an open issue with WebSockets for anonymous sessions: you
> > > can't 0198 resume anon sessions because you can't re-login with the same
> > > credentials, and thus BOSH will survive a page reload, whereas WS won't.
> > > Until this problem is solved, I'd rather not kill BOSH.
> > 
> > Yes, I was affected by this issue recently.
> > 
> > I don't see how this will get resolved without allowing the client to
> > specify the full JID it wants to re-use so that it can then use XEP-0198 to
> > resume its previous session.
> > 
> > At least one server developer was against the idea, IIRC saying that it goes
> > breaks the semantics of anonymous connections.
> 
> Which is true.
> 
> I think that for those cases, [XEP-0397] would come in handy. It can serve 
> here not only as a speedup of resumption, but also as a way to make resumption 
> possible.

Ok, so it seems the reasoning here is that XEP-0397 is the solution because
when you're using it you're not trying to log in anonymously with a pre-specified
JID (which is not allowed) in order to resume a XEP-0198 session, instead you
resume the session by means of a token (which implies a particular JID).

The difference is very subtle, but makes sense to me.

Well, to come back to Georg's point of not deprecating BOSH until we have a
solution, it seems that XEP-0397 would need to be included in the compliance
suite, at least for this particular use-case (maintaining anonymous logins
over websocket).
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 488 bytes
Desc: not available
URL: <http://mail.jabber.org/pipermail/standards/attachments/20191010/84237634/attachment.sig>


More information about the Standards mailing list