-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On 9/18/12 11:25 AM, Hannes Tschofenig wrote: > On 09/18/2012 08:21 PM, Peter Saint-Andre wrote: >>> (Btw, the current XMPP OAuth XEP is also insecure...) >> Calling it "current" is a bit of a stretch.:) It was deferred >> for inactivity quite some time ago. At this point, any use of >> OAuth in XMPP would likely be based on the SASL mechanism. > > I didn't know.
Well, Hannes, you can't know everything. ;-) > I even thought that it covered an entirely different use case, > namely between two endpoints rather than between the end host and > the XMPP server (whatever the right XMPP terminology here is). True, but it seems that few people are interested in those use cases (e.g., using OAuth for authorization to join a chatroom). Peter - -- Peter Saint-Andre https://stpeter.im/ -----BEGIN PGP SIGNATURE----- Version: GnuPG/MacGPG2 v2.0.18 (Darwin) Comment: Using GnuPG with Mozilla - http://www.enigmail.net/ iEYEARECAAYFAlBYtL0ACgkQNL8k5A2w/vwsSgCgna6QzPj8HywVJ2STlxLvoIN9 uLcAoIm2NsnpY78r2AyGA8A8Ppfek5+k =wNlR -----END PGP SIGNATURE-----
