At the XMPP Summit yesterday, we talked about a few items of interest to BOSH implementors:
1. Nathan Fritz raised the issue of session collisions, which they've seen at Seesmic. As far as I know, no conclusions were reached on this issue. Feel free to expland on this if you were part of the discussions. 2. Consensus that the current secure="true" flag on the BOSH <body/> element is useless. Jack Moffitt recommended removing this and adding a security consideration about what the BOSH connection manager should accept and not accept from the XMPP server. He and I will work on text. 3. In a hallway discussion at 2 AM one morning, Fabio Forno mentioned to me that the spec might explicitly say that a BOSH connection manager could support HTTP cookies as an optimization (support would be completely optional). I don't know if he brought this up during the meetings because I was roving around from group to group. 4. I mentioned that writing the BOSH section of the XMPP book had helped me grok BOSH in fullness, so I may adjust the spec to reflect that new understanding. What am I missing? /psa [ written en route from Brussels, delivery times may vary :) ]
smime.p7s
Description: S/MIME Cryptographic Signature
