Re: [Standards] Anonymous SASL and Presence
On Tue Jun 30 15:01:48 2009, Eloi Bail wrote: I would like to know if XMPP standard allows to push presence in case of anonymous SASL ? That's certainly possible. In general, an anonymous user is authenticated, and can do anything that a non-anonymous account can. Like any account, though, it could be restricted in a number of ways, such as having no ability to send traffic across domains, etc. Dave. -- Dave Cridland - mailto:d...@cridland.net - xmpp:d...@dave.cridland.net - acap://acap.dave.cridland.net/byowner/user/dwd/bookmarks/ - http://dave.cridland.net/ Infotrope Polymer - ACAP, IMAP, ESMTP, and Lemonade
Re: [Standards] Anonymous SASL and Presence
On Tue, Jun 30, 2009 at 3:01 PM, Eloi Baileloi.b...@gmail.com wrote: Hi, I would like to know if XMPP standard allows to push presence in case of anonymous SASL ? It does. Anonymous users get given a unique (~random) JID, with an empty roster. So you /can/ send presence, you just either have to send it to a known address, or add people to your temporary roster first. Matthew
Re: [Standards] Anonymous SASL and Presence
On Tue Jun 30 15:33:35 2009, Matthew Wild wrote: It does. Anonymous users get given a unique (~random) JID, with an empty roster. So you /can/ send presence, you just either have to send it to a known address, or add people to your temporary roster first. FWIW, although I agree that's what *should* happen, nothing in the specifications available says that's what does. Perhaps an update to include such things in XEP-0175 is in order? Dave. -- Dave Cridland - mailto:d...@cridland.net - xmpp:d...@dave.cridland.net - acap://acap.dave.cridland.net/byowner/user/dwd/bookmarks/ - http://dave.cridland.net/ Infotrope Polymer - ACAP, IMAP, ESMTP, and Lemonade
Re: [Standards] Anonymous SASL and Presence
On Tue Jun 30 16:20:25 2009, Jiří Zárevúcky wrote: 2009/6/30 Dave Cridland d...@cridland.net: On Tue Jun 30 15:33:35 2009, Matthew Wild wrote: It does. Anonymous users get given a unique (~random) JID, with an empty roster. So you /can/ send presence, you just either have to send it to a known address, or add people to your temporary roster first. FWIW, although I agree that's what *should* happen, nothing in the specifications available says that's what does. Actually, XMPP-IM does. At least for broadcasts as long as roster is enabled. Of course the roster may be disabled. Routing of directed presences is not strictly required, too. No, I meant the unique (~random) JID, and the empty or temporary roster. None of those things are specified. What happens if you have a roster is, of course, specified. Dave. -- Dave Cridland - mailto:d...@cridland.net - xmpp:d...@dave.cridland.net - acap://acap.dave.cridland.net/byowner/user/dwd/bookmarks/ - http://dave.cridland.net/ Infotrope Polymer - ACAP, IMAP, ESMTP, and Lemonade
Re: [Standards] Anonymous SASL and Presence
2009/6/30 Dave Cridland d...@cridland.net: On Tue Jun 30 16:20:25 2009, Jiří Zárevúcky wrote: 2009/6/30 Dave Cridland d...@cridland.net: On Tue Jun 30 15:33:35 2009, Matthew Wild wrote: It does. Anonymous users get given a unique (~random) JID, with an empty roster. So you /can/ send presence, you just either have to send it to a known address, or add people to your temporary roster first. FWIW, although I agree that's what *should* happen, nothing in the specifications available says that's what does. Actually, XMPP-IM does. At least for broadcasts as long as roster is enabled. Of course the roster may be disabled. Routing of directed presences is not strictly required, too. No, I meant the unique (~random) JID, and the empty or temporary roster. None of those things are specified. There is nothing that would classify random JID as something special. The same applies to empty and temporary roster. And you can't say rules of XMPP-IM don't apply to them. What happens if you have a roster is, of course, specified.
Re: [Standards] Anonymous SASL and Presence
Thanks for your reply... As I understood, if I want to push my presence, I have to send a stanza for each JID because XMPP servers can not route my presence (because roster empty)... which is not very great :( So I guess, I have to use encryption SASL, to have a not random JID and so push only one time my presence. Right ? Eloi 2009/6/30 Jiří Zárevúcky zarevucky.j...@gmail.com 2009/6/30 Dave Cridland d...@cridland.net: On Tue Jun 30 16:20:25 2009, Jiří Zárevúcky wrote: 2009/6/30 Dave Cridland d...@cridland.net: On Tue Jun 30 15:33:35 2009, Matthew Wild wrote: It does. Anonymous users get given a unique (~random) JID, with an empty roster. So you /can/ send presence, you just either have to send it to a known address, or add people to your temporary roster first. FWIW, although I agree that's what *should* happen, nothing in the specifications available says that's what does. Actually, XMPP-IM does. At least for broadcasts as long as roster is enabled. Of course the roster may be disabled. Routing of directed presences is not strictly required, too. No, I meant the unique (~random) JID, and the empty or temporary roster. None of those things are specified. There is nothing that would classify random JID as something special. The same applies to empty and temporary roster. And you can't say rules of XMPP-IM don't apply to them. What happens if you have a roster is, of course, specified.
Re: [Standards] Anonymous SASL and Presence
2009/6/30 Eloi Bail eloi.b...@gmail.com: To authenticate to a XMPP server, I must implement encryption. I wanted to test without it, to have a XMPP client as light as possible... I have to go strait to SASL with encryption so... Thanks for your reply ! Eloi Nope, you don't need to. You can connect without TLS and with PLAIN SASL authentication. Some servers don't enable such combination, so you have to find one that doesn't enforce secure password transfer.
Re: [Standards] Anonymous SASL and Presence
On Tue Jun 30 16:46:04 2009, Eloi Bail wrote: To authenticate to a XMPP server, I must implement encryption. I wanted to test without it, to have a XMPP client as light as possible... I have to go strait to SASL with encryption so... Oh... Although the specification says that plaintext authentication MUST NOT be offered without an encryption layer in place, I'm not aware of any server that does not offer a configuration where plaintext authentication without any TLS is allowed. I'm pretty sure that the majority of deployments offer both SASL PLAIN, and the older XEP-0078, without any TLS or other encryption. That said, there are also lots of SASL libraries and TLS libraries, for almost every language, so if you *are* implementing encryption, that's probably a bad thing anyway. :-) Dave. -- Dave Cridland - mailto:d...@cridland.net - xmpp:d...@dave.cridland.net - acap://acap.dave.cridland.net/byowner/user/dwd/bookmarks/ - http://dave.cridland.net/ Infotrope Polymer - ACAP, IMAP, ESMTP, and Lemonade
