Gaston Dombiak and I had a chat this afternoon about XEP-0225 (Component Connections). Here are our conclusions:
1. The current binding stuff is wrong. We should reserve the term "binding" for binding resources (as in RFC 3920). The current binding stuff is a form of authorization, not binding. 2. So we need a way to complete authorization. We talked about ways to do this in SASL (e.g., authenticate as an initial identity = domain and then authorize multiple identities after that), but we agreed that (1) we don't know exactly how that would work in SASL-land and (2) most XMPP servers probably would not enable you to authorize multiple identities in one XML stream. Therefore we concluded that a better approach would be to allow multiple XML streams over the same TCP connection (similar in some ways to piggybacking for server dialback), so that after authenticating as foo.example.com you could negotiate a second stream for bar.example.com and so on. Thus one identity per stream. 3. This leaves binding as a way to bind resources, as Daniel Henninger and I previously discussed on this list. So the server could bind multiple resources to foo.example.com for load-balancing or whatever it wants. I'll work on revisions to XEP-0225 along these lines soon. Peter -- Peter Saint-Andre https://stpeter.im/
smime.p7s
Description: S/MIME Cryptographic Signature
