On 09/18/2012 08:21 PM, Peter Saint-Andre wrote:
(Btw, the current XMPP OAuth XEP is also insecure...)Calling it "current" is a bit of a stretch.:) It was deferred for inactivity quite some time ago. At this point, any use of OAuth in XMPP would likely be based on the SASL mechanism.
I didn't know.I even thought that it covered an entirely different use case, namely between two endpoints rather than between the end host and the XMPP server (whatever the right XMPP terminology here is).
