On Dec 20, 2007 12:26 PM, Richard Dobson <[EMAIL PROTECTED]> wrote: > > > This is fine, but will never get traction in the larger population. If > > you want users on IE6 (30% of web traffic) to be able to authenticate > > to your application using xmpp, then you need to find a methodology > > that works across browsers. (not only that but I'm a bit leary of web > > technologies that elinks can't digest by default). > > > > So, it's true, making an extension that does XEP-0070 isn't that hard, > > and it's a good method of authentication, but I don't think you'll see > > any kind of uptake in the web until it's supported without extensions > > by browser by default, and the only effective way to do that is use an > > http/html based authentication method. > > Sorry but no, its easy enough to write extensions for at the very least > the most popular browsers (IE and Firefox), and when a user installs > their XMPP client it could easily install such extensions as a part of > the client installation, just as Windows Live Messenger installs its > Live Login thingy when you install that, its not difficult and doesnt > need to be included in browsers by default for us to get things going, > if someone has an XMPP account they are pretty likely to have a client > installed too. > > We could even possibly work on community efforts to develop these > extensions with a defined set APIs so that the extensions only need be > written once for each browser and all client developers can just > distribute it with their clients rather than each needing to write their > own.
So let's say I'm a user at site X, I typically sign into site X via "xmpp", this is no problem at my workstation at home where I've installed "extension y" in my browser that enables me to send jabber messages to authenticate. But I'm in an airport, I want to validate my identity, and their browser doesn't support jabber authentication because they don't have an extension installed to support it. There's backup methods of entering credentials directly, but then I have to come up with a separate password for each site I log into with my jabber credentials so that there's a fallback route. Similarly, let's say that I have an iphone and it doesn't have extension support yet, so I'm out of luck when it comes to authenticating in that method. > > Richard > >
