[Jabber-IETF] Agenda items

David Waite mass at akuma.org
Wed Oct 9 19:16:23 CDT 2002


I assert that existing implementations will return an error to the user 
if they send a sasl:mechanism request - maybe we should send a request 
always, rather than expecting our definition of the sasl namespace 
indicates a request? e.g.

<stream:stream to='example.com' xmlns='jabber:client' 
xmlns:stream='http://etherx.jabber.org/streams'>

<saslish:request 
xmlns:saslish=''http://www.iana.org/assignments/sasl-mechanisms'/>

if a server does not understand SASL authentication, it would respond with

<saslish:mechanisms type='error' 
xmlns:saslish='http://www.iana.org/assignments/sasl-mechanisms'>
<error code='406'>Not Acceptable</error></saslish:mechanisms>

-David Waite

Joe Hildebrand wrote:

>One compromise way, which doesn't require the <stream:stream> to have a
>xmlns:sasl, and doesn't break existing implementations, is for the result of
>the iq/get/auth to include a flag to tell the client that it can use sasl.
>
>Something like:
>
><iq id='jcl_1' type='result'>
>  <query xmlns='jabber:iq:auth'>
>    <username>hildjj</username>
>    <digest/>
>    <sasl xmlns='http://www.iana.org/assignments/sasl-mechanisms'/>
>    <resource/>
>  </query>
></iq>
>
>Yes, this has the downside of your still having to send the username in the
>iq/get/auth, but that's a price we pay for backward-compatibility.
>
>  
>





More information about the xmppwg mailing list