-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On 8/17/12 10:16 AM, Jack Moffitt wrote: >> Heck, it sounds like a simple little spec, maybe I'll write it up >> over the weekend. ;-) > > I suggest that the JavaScript side API be the same as the W3C one, > so that this can act as a shim for browsers that don't yet have > that support. > > If we made it an HTTP API, then people outside the XMPP world > could use the same thing. The only thing we'd really need is some > modification of the stream features to include the API endpoint so > that clients can find it.
Well, I'd see HTTP and XMPP as two different ways of accessing the same service. Given that such a service could be resource-intensive to run (in fact, the XEP would need some security considerations about denial of service attacks), I would think that client authentication or registration would be necessary or strongly suggested. In the case of XMPP, the server is in charge and I expect that it would offer this service only to its registered users (and any abusive users from its domain could be easily disabled). In the case of HTTP, the story is less clear to me. Peter - -- Peter Saint-Andre https://stpeter.im/ -----BEGIN PGP SIGNATURE----- Version: GnuPG/MacGPG2 v2.0.18 (Darwin) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iEYEARECAAYFAlAub9QACgkQNL8k5A2w/vxGAwCglnw0bOUn+FEJnnyia0Yps/xP K2sAn20YuVpzqecgFSV1sJxMdYzWvJuZ =qgFh -----END PGP SIGNATURE----- _______________________________________________ JDev mailing list Info: http://mail.jabber.org/mailman/listinfo/jdev Unsubscribe: [email protected] _______________________________________________
