Thanks Matt (and others) for pursuing this, IMHO very worthwhile goal.
I think I like what I've seen so far, but… On 18/10/2022 16.01, Matthew Wild wrote:
1) Advertisement of supported "inline" features […] While implementing, I quickly realised that the server supporting SASL2 and also supporting XEP-0198 is not enough information to determine that the server supports negotiating XEP-0198 inline within SASL2. For this reason we added the <inline> element within the SASL2 stream feature element. This <inline> lists the features that are supported for SASL2 inlining. An example of this can be found here: https://dyn.eightysoft.de/final/xep-0388.html#example-2
…do we really need <inline/>?Couldn't clients create a sasl2 <authenticate/> nonza, opportunistically adding all extensions the client suspects, derived from the stream features, that server supports via bind2? Then we only need to require that the server (briefly) acknowledges each supported feature in the response, which is potentially already the case for the majority of features.
Features that the server does not support via sasl2, and hence where not acknowledged, could be enabled "traditionally" by the client. This is something clients may want to support anyway, in case the server does not announce the feature <inline/>, but otherwise supports it. Or am I mistaken here?
In any case, I feel that <inline/>, and related mechanisms, is more bind2 territory than sasl2. If <inline/> stays in sasl2, then wouldn't we potentially end-up with <inner-inline/> in bind2 too?
Luckily we appear to have already some implementations of the proposed protocol (changes). Could the maintainers of such implementations maybe provide some real world exchanges of the (currently) most sophisticated sasl2 XMPP-session establishments currently being performed. I am thinking of MAM, carbons, SM resumption, and more. I would like to get a better understanding how sasl2 can be used with existing widely-deployed protocols and with bind2. Or is bind2 outside the scope (for now?)?
- Flow
OpenPGP_signature
Description: OpenPGP digital signature
_______________________________________________ Standards mailing list Info: https://mail.jabber.org/mailman/listinfo/standards Unsubscribe: [email protected] _______________________________________________
