On Tue, Sep 16, 2003 at 02:54:12PM -0700, Justin Karneges wrote: > Maybe the issue comes down to jabber:iq:register being incompatible with any > SASL mechanism that does not use plaintext passwords. If we nix iq:register, > does the problem go away? Maybe then the admin has to make a choice between > supporting anonymous registrations vs having a more-secure system.
Maybe there is a good reason why user registration occurs outside the protocol in other systems. I think in-band registration is fine for registering with components, but doesn't make sense for registering your main IM account. Peter -- Peter Saint-Andre Jabber Software Foundation http://www.jabber.org/people/stpeter.php _______________________________________________ jdev mailing list [EMAIL PROTECTED] http://mailman.jabber.org/listinfo/jdev
