On Wed, Jan 09, 2008 at 03:27:06PM +0100, Maciek Niedzielski wrote: > Guenther Niess wrote: > >>I was just chatting about this with Maciek Niedzielski and he suggested > >>a different kind of workflow for XEP-0070-like functionality > >But some problems are still there. > > > >1. If you want to use the authorization service, you have to use a > > client that support that protocoll. > I think that there are more clients out there that support sending a > plain message than clients that support XEP-0070 ;) > But I guess what you wanted to say is that a client needs to support > xmpp URI to make this work. > ... You're right. I didn't understand the XMPP URI correctly, so my doubts and thoughts were based on the gap in my knowledge and maybe that's why my computer isn't configured correctly at the moment :-/
> >At all I think the spam problem by another user is not as big as the > >problems you get when you can't use the authorization service. And > >at my opinion when you implement the existing XEP 70 you can help the > >user to get not such a big problem, by: > ... I don't agree with your all details, but in the end I agree with the statement that there are all attempts to fix a hole in the design of the XEP and it's much better to fix this hole with a better workflow. I don't have any doubts against that workflow so in my opinion it should be prepaired as a XEP to displace the existing XEP 70. But the requirement of a configured system and that the user have to be online with his XMPP account is one of the reasons to think that the proposition of Andres with the HTTP Digest Auth (like OpenID) way have also a right to exist and should be prepaired. -- Günther
