On Thu, Oct 10, 2019 at 11:01:56AM +0300, Evgeny wrote:
> On Thu, Oct 10, 2019 at 10:52 AM, JC Brand <li...@opkode.com> wrote:
> > You're arguing against a point nobody made.
> > 
> > Nobody advocated using BOSH to bypass restrictions in XEP-0198.
> > The issue Georg mentioned isn't due to anything in XEP-0198.
> > 
> > The issue is with the SASL anonymous login mechanism not allowing you to
> > reconnect with the same JID, which happens **before** trying to resume a
> > XEP-0198 session.
> The issue is *exactly* due to limitation in XEP-0198 that you're trying to
> bypass with BOSH: since XEP-0198 doesn't allow you to resume a session
> without re-authentication (and with SASL ANONYMOUS you cannot
> re-authenticate with the same JID), you resort to use BOSH to bypass this
> restriction, since it's *implicitly* using session identifiers as
> authentication tokens.

Now you're saying "limitation", previously you said "restriction".

I agree that XEP-0198 is limited in the sense that it doesn't concern itself
with authentication and that this problem occurs at the authentication level.

Seems like XEP-0397 solves it though.

Attachment: signature.asc
Description: PGP signature

Standards mailing list
Info: https://mail.jabber.org/mailman/listinfo/standards
Unsubscribe: standards-unsubscr...@xmpp.org

Reply via email to