Hi Florian, Your extension looks very convenient. As I understand the token can be used only once and only in context of stream resumption. What if the stream resumption fails? Should the client authenticate by regular SASL method like SCRAM-SHA-1 or would it be possible to use the token to authenticate (without resuming the session)?
Best regards Michal Piotrowski [email protected] On 12 February 2016 at 11:08, Florian Schmaus <[email protected]> wrote: > On 06.02.2016 12:22, Florian Schmaus wrote: >> On 05.02.2016 20:04, Lance Stout wrote: >>> Integrating this sort of token authentication with XEP-0198 would be the >>> bigger win, because then SASL could be skipped entirely along with the >>> initial stream setup (like how we can use BOSH with pre-binding). The >>> stream management ID could easily be a JWT or equivalent token that would >>> be sufficient for authentication. The missing piece would be allowing >>> the <resumed/> element to include a new ID value (I'm not sure why it >>> currently returns the 'previous' ID without allowing a new ID). >> >> Exactly. I always thought a fast reconnect (fr) mechanism based on >> stream management should work something like this: >> ... >> What do you think? I'm willing to XEPify this, if the approach is >> considered useful. > > Here is my suggestion how such a XEP could look like: > > http://geekplace.eu/xeps/xep-qsr/xep-qsr.html > > As always: This is an early draft, the source code can be found at > https://github.com/flowdalic/xeps, feedback and patches welcome. :) > > - Florian > > > _______________________________________________ > Standards mailing list > Info: http://mail.jabber.org/mailman/listinfo/standards > Unsubscribe: [email protected] > _______________________________________________ > _______________________________________________ Standards mailing list Info: http://mail.jabber.org/mailman/listinfo/standards Unsubscribe: [email protected] _______________________________________________
