Re: [Standards] Anonymous SASL and Presence
On Tue Jun 30 16:46:04 2009, Eloi Bail wrote: To authenticate to a XMPP server, I must implement encryption. I wanted to test without it, to have a XMPP client as light as possible... I have to go strait to SASL with encryption so... Oh... Although the specification says that plaintext authentication MUST NOT be offered without an encryption layer in place, I'm not aware of any server that does not offer a configuration where plaintext authentication without any TLS is allowed. I'm pretty sure that the majority of deployments offer both SASL PLAIN, and the older XEP-0078, without any TLS or other encryption. That said, there are also lots of SASL libraries and TLS libraries, for almost every language, so if you *are* implementing encryption, that's probably a bad thing anyway. :-) Dave. -- Dave Cridland - mailto:d...@cridland.net - xmpp:d...@dave.cridland.net - acap://acap.dave.cridland.net/byowner/user/dwd/bookmarks/ - http://dave.cridland.net/ Infotrope Polymer - ACAP, IMAP, ESMTP, and Lemonade
Re: [Standards] Anonymous SASL and Presence
Great idea ! I will figure this out. Thanks a lot :) Eloi 2009/6/30 Jiří Zárevúcky > 2009/6/30 Eloi Bail : > > To authenticate to a XMPP server, I must implement encryption. I wanted > to > > test without it, to have a XMPP client as light as possible... > > I have to go strait to SASL with encryption so... > > Thanks for your reply ! > > Eloi > > > > Nope, you don't need to. You can connect without TLS and with PLAIN > SASL authentication. Some servers don't enable such combination, so > you have to find one that doesn't enforce secure password transfer. >
Re: [Standards] Anonymous SASL and Presence
2009/6/30 Eloi Bail : > To authenticate to a XMPP server, I must implement encryption. I wanted to > test without it, to have a XMPP client as light as possible... > I have to go strait to SASL with encryption so... > Thanks for your reply ! > Eloi > Nope, you don't need to. You can connect without TLS and with PLAIN SASL authentication. Some servers don't enable such combination, so you have to find one that doesn't enforce secure password transfer.
Re: [Standards] Anonymous SASL and Presence
To authenticate to a XMPP server, I must implement encryption. I wanted to test without it, to have a XMPP client as light as possible... I have to go strait to SASL with encryption so... Thanks for your reply ! Eloi 2009/6/30 Jiří Zárevúcky > 2009/6/30 Eloi Bail : > > Thanks for your reply... > > As I understood, if I want to push my presence, I have to send a stanza > for > > each JID because XMPP servers can not route my presence (because roster > > empty)... which is not very great :( > > So I guess, I have to use encryption SASL, to have a not random JID and > so > > push only one time my presence. > > Right ? > > > > Eloi > > > > I don't quite understand what are you asking. If you need an XMPP > account for normal communication, you will register it and > authenticate with your registered JID and password. Anonymous > authentication is kinda special-purpose one-time thing. You'll > generally not need to send any presences with it, except perhaps a few > directed ones... >
Re: [Standards] Anonymous SASL and Presence
2009/6/30 Eloi Bail : > Thanks for your reply... > As I understood, if I want to push my presence, I have to send a stanza for > each JID because XMPP servers can not route my presence (because roster > empty)... which is not very great :( > So I guess, I have to use encryption SASL, to have a not random JID and so > push only one time my presence. > Right ? > > Eloi > I don't quite understand what are you asking. If you need an XMPP account for normal communication, you will register it and authenticate with your registered JID and password. Anonymous authentication is kinda special-purpose one-time thing. You'll generally not need to send any presences with it, except perhaps a few directed ones...
Re: [Standards] Anonymous SASL and Presence
Thanks for your reply... As I understood, if I want to push my presence, I have to send a stanza for each JID because XMPP servers can not route my presence (because roster empty)... which is not very great :( So I guess, I have to use encryption SASL, to have a not random JID and so push only one time my presence. Right ? Eloi 2009/6/30 Jiří Zárevúcky > 2009/6/30 Dave Cridland : > > On Tue Jun 30 16:20:25 2009, Jiří Zárevúcky wrote: > >> > >> 2009/6/30 Dave Cridland : > >> > On Tue Jun 30 15:33:35 2009, Matthew Wild wrote: > >> >> > >> >> It does. Anonymous users get given a unique (~random) JID, with an > >> >> empty roster. So you /can/ send presence, you just either have to > send > >> >> it to a known address, or add people to your temporary roster first. > >> > > >> > FWIW, although I agree that's what *should* happen, nothing in the > >> > specifications available says that's what does. > >> > > >> > >> Actually, XMPP-IM does. At least for broadcasts as long as roster is > >> enabled. Of course the roster may be disabled. Routing of directed > >> presences is not strictly required, too. > > > > No, I meant the "unique (~random) JID", and the "empty" or "temporary > > roster". None of those things are specified. > > > > There is nothing that would classify "random JID" as something > special. The same applies to "empty" and "temporary" roster. And you > can't say rules of XMPP-IM don't apply to them. > > > What happens if you have a roster is, of course, specified. > > >
Re: [Standards] Anonymous SASL and Presence
2009/6/30 Dave Cridland : > On Tue Jun 30 16:20:25 2009, Jiří Zárevúcky wrote: >> >> 2009/6/30 Dave Cridland : >> > On Tue Jun 30 15:33:35 2009, Matthew Wild wrote: >> >> >> >> It does. Anonymous users get given a unique (~random) JID, with an >> >> empty roster. So you /can/ send presence, you just either have to send >> >> it to a known address, or add people to your temporary roster first. >> > >> > FWIW, although I agree that's what *should* happen, nothing in the >> > specifications available says that's what does. >> > >> >> Actually, XMPP-IM does. At least for broadcasts as long as roster is >> enabled. Of course the roster may be disabled. Routing of directed >> presences is not strictly required, too. > > No, I meant the "unique (~random) JID", and the "empty" or "temporary > roster". None of those things are specified. > There is nothing that would classify "random JID" as something special. The same applies to "empty" and "temporary" roster. And you can't say rules of XMPP-IM don't apply to them. > What happens if you have a roster is, of course, specified. >
Re: [Standards] Anonymous SASL and Presence
On Tue Jun 30 16:20:25 2009, Jiří Zárevúcky wrote: 2009/6/30 Dave Cridland : > On Tue Jun 30 15:33:35 2009, Matthew Wild wrote: >> >> It does. Anonymous users get given a unique (~random) JID, with an >> empty roster. So you /can/ send presence, you just either have to send >> it to a known address, or add people to your temporary roster first. > > FWIW, although I agree that's what *should* happen, nothing in the > specifications available says that's what does. > Actually, XMPP-IM does. At least for broadcasts as long as roster is enabled. Of course the roster may be disabled. Routing of directed presences is not strictly required, too. No, I meant the "unique (~random) JID", and the "empty" or "temporary roster". None of those things are specified. What happens if you have a roster is, of course, specified. Dave. -- Dave Cridland - mailto:d...@cridland.net - xmpp:d...@dave.cridland.net - acap://acap.dave.cridland.net/byowner/user/dwd/bookmarks/ - http://dave.cridland.net/ Infotrope Polymer - ACAP, IMAP, ESMTP, and Lemonade
Re: [Standards] Anonymous SASL and Presence
2009/6/30 Dave Cridland : > On Tue Jun 30 15:33:35 2009, Matthew Wild wrote: >> >> It does. Anonymous users get given a unique (~random) JID, with an >> empty roster. So you /can/ send presence, you just either have to send >> it to a known address, or add people to your temporary roster first. > > FWIW, although I agree that's what *should* happen, nothing in the > specifications available says that's what does. > Actually, XMPP-IM does. At least for broadcasts as long as roster is enabled. Of course the roster may be disabled. Routing of directed presences is not strictly required, too.
Re: [Standards] Anonymous SASL and Presence
On Tue Jun 30 15:33:35 2009, Matthew Wild wrote: It does. Anonymous users get given a unique (~random) JID, with an empty roster. So you /can/ send presence, you just either have to send it to a known address, or add people to your temporary roster first. FWIW, although I agree that's what *should* happen, nothing in the specifications available says that's what does. Perhaps an update to include such things in XEP-0175 is in order? Dave. -- Dave Cridland - mailto:d...@cridland.net - xmpp:d...@dave.cridland.net - acap://acap.dave.cridland.net/byowner/user/dwd/bookmarks/ - http://dave.cridland.net/ Infotrope Polymer - ACAP, IMAP, ESMTP, and Lemonade
Re: [Standards] Anonymous SASL and Presence
On Tue, Jun 30, 2009 at 3:01 PM, Eloi Bail wrote: > Hi, > > > I would like to know if XMPP standard allows to push presence in case of > anonymous SASL ? > It does. Anonymous users get given a unique (~random) JID, with an empty roster. So you /can/ send presence, you just either have to send it to a known address, or add people to your temporary roster first. Matthew
Re: [Standards] Anonymous SASL and Presence
On Tue Jun 30 15:01:48 2009, Eloi Bail wrote: I would like to know if XMPP standard allows to push presence in case of anonymous SASL ? That's certainly possible. In general, an anonymous user is "authenticated", and can do anything that a non-anonymous account can. Like any account, though, it could be restricted in a number of ways, such as having no ability to send traffic across domains, etc. Dave. -- Dave Cridland - mailto:d...@cridland.net - xmpp:d...@dave.cridland.net - acap://acap.dave.cridland.net/byowner/user/dwd/bookmarks/ - http://dave.cridland.net/ Infotrope Polymer - ACAP, IMAP, ESMTP, and Lemonade