[Standards] Feedback to Compliance Suites 2020
lists at opkode.com
Thu Oct 10 08:20:57 UTC 2019
On Thu, Oct 10, 2019 at 11:01:56AM +0300, Evgeny wrote:
> On Thu, Oct 10, 2019 at 10:52 AM, JC Brand <lists at opkode.com> wrote:
> > You're arguing against a point nobody made.
> > Nobody advocated using BOSH to bypass restrictions in XEP-0198.
> > The issue Georg mentioned isn't due to anything in XEP-0198.
> > The issue is with the SASL anonymous login mechanism not allowing you to
> > reconnect with the same JID, which happens **before** trying to resume a
> > XEP-0198 session.
> The issue is *exactly* due to limitation in XEP-0198 that you're trying to
> bypass with BOSH: since XEP-0198 doesn't allow you to resume a session
> without re-authentication (and with SASL ANONYMOUS you cannot
> re-authenticate with the same JID), you resort to use BOSH to bypass this
> restriction, since it's *implicitly* using session identifiers as
> authentication tokens.
Now you're saying "limitation", previously you said "restriction".
I agree that XEP-0198 is limited in the sense that it doesn't concern itself
with authentication and that this problem occurs at the authentication level.
Seems like XEP-0397 solves it though.
-------------- next part --------------
A non-text attachment was scrubbed...
Size: 488 bytes
Desc: not available
More information about the Standards