> Most of the discussion about XEP-0175 has assumed that servers are > exposed on the public Internet (I know that's how I have looked at it, > from my perspective as an admin of the jabber.org IM service). However, > server admins might offer a more controlled or private service, such as > a for-pay gaming service, a help desk within a corporation, an IM > "helpline" at a school, etc. In these situations, the admins might want > to open up the options a bit more. This is where Jack Moffitt is coming > from with his concerns (Chesspark, Collecta), and perhaps Andy Skelton > (Wordpress) as well. I think it's important to capture both > perspectives, and I don't think we've quite done so yet in the spec. > Perhaps I'll have time to wordsmith it a bit further next week.
My use is more of a lazy hack. I want to use the anonymous JID resource to store information about BOSH clients. For example, we could have a number of web pages on different domains connecting via proxy to a single BOSH service and we would like to know at a glance the domain name of the site they are connecting from: [email protected]/live.gizmodo.com for example. Our service would not care whether anonymous clients crafted "fraudulent" resources because our server already guarantees a unique bare JID for anonymous clients (ejabberd) and our use of the resource would only be for convenience. We might not even use it this way, but I wouldn't like the spec telling me not to. Andy
