For buddycloud we use IBR on localhost that the API talks to. It definitely has it's place. Perhaps a better approach would be to adapt xmpp.net to also test for insecre IBR.
S. On 4 November 2015 at 14:58, Peter Waher <[email protected]> wrote: > Hello > > While I'm for deprecating unsecured IBR, IBR still has an important role > in automation, especially in IoT, if it is made secure, as proposed in > XEP-0348, ยง3.1. It provides a means of controlling amounts of accounts that > can be created, and by whom (parties trusted to create certain number of > accounts). > > Perhaps an overhaul of this process, or a new process that permits > automatic Creation of accounts in a controlled manner, is better than just > deprecating IBR without providing an alternative. > > Best regards, > Peter Waher > > > So, something for next Council to ponder: > > > > In light of spam attacks using throw-away accounts, and given than 77 is > final and we?re not going to be able to mandate a significant overhaul, is > it time to deprecate (and obsolete) 77 and send a clear message that this > should not be being used on open networks? > > > > /K > > -- Simon Tennant | CEO Buddycloud <http://buddycloud.com> | +49 17 8545 0880 | Meet <https://calendly.com/simon-tennant/buddycloud-call>
