* Jonas Schäfer <[email protected]> [2020-01-08 17:12]: > Revert version 0.3.0, which was merged prematurely and incorrectly.
Thanks, Jonas. I've resubmitted the change as https://github.com/xsf/xeps/pull/874 Marc also kindly asked to bring this up for wider discussion, so here it is. Council feedback on the initial submission of 0401 included criticism of using a manually modified IBR element for the special case of registering-with-a-token. While I agree that it was an ugly hack, I also deeply hate data forms, so I tried to walk a different line this time. The proposed change adds a separate unauthenticated IQ before IBR, in which the preauth token is communicated to the server. This is using IQ semantics and thus is easy to implement on clients, including the handling of errors. OTOH, server-side handling of pre-auth IQs is problematic, I was told. People also suggested using a dedicated stream element for this, which is possible but requires more glue logic to parse stanza errors from it. This is not perfect: because it is part of a dedicated exchange, there is now a decoupling between checking the validity of a token (on the preauth IQ) and actually redeeming it (on the following IBR). This can be made work more elegantly on top of SASL2, but I wanted to have something that can be deployed today (and it's live on yax.im and in the yaxim nightly beta for a week now). Kind regards, Georg -- || http://op-co.de ++ GCS d--(++) s: a C+++ UL+++ !P L+++ !E W+++ N ++ || gpg: 0x962FD2DE || o? K- w---() O M V? PS+ PE-- Y++ PGP+ t+ 5 R+ || || Ge0rG: euIRCnet || X(+++) tv+ b+(++) DI+++ D- G e++++ h- r++ y? || ++ IRCnet OFTC OPN ||_________________________________________________||
signature.asc
Description: PGP signature
_______________________________________________ Standards mailing list Info: https://mail.jabber.org/mailman/listinfo/standards Unsubscribe: [email protected] _______________________________________________
