This is fine, but will never get traction in the larger population. If
you want users on IE6 (30% of web traffic) to be able to authenticate
to your application using xmpp, then you need to find a methodology
that works across browsers. (not only that but I'm a bit leary of web
technologies that elinks can't digest by default).
So, it's true, making an extension that does XEP-0070 isn't that hard,
and it's a good method of authentication, but I don't think you'll see
any kind of uptake in the web until it's supported without extensions
by browser by default, and the only effective way to do that is use an
http/html based authentication method.
Sorry but no, its easy enough to write extensions for at the very least
the most popular browsers (IE and Firefox), and when a user installs
their XMPP client it could easily install such extensions as a part of
the client installation, just as Windows Live Messenger installs its
Live Login thingy when you install that, its not difficult and doesnt
need to be included in browsers by default for us to get things going,
if someone has an XMPP account they are pretty likely to have a client
installed too.
We could even possibly work on community efforts to develop these
extensions with a defined set APIs so that the extensions only need be
written once for each browser and all client developers can just
distribute it with their clients rather than each needing to write their
own.
Richard
