Pedro Melo wrote: > Hi, > > On Aug 23, 2008, at 2:12 PM, Dirk Meyer wrote: >> IMHO OAuth is kind of stupid. I have to trust a server I do not >> know. No, the point is that I can upload a certificate to my XMPP >> server and the owner of that certificate (a bot, a client I do not >> trust) can log in using SASL-EXTERNAL as me without having the >> password. > > OAuth is not stupid. The server you do not trust is your own XMPP > server. If you don't trust that, well, what are you doing connected > to him?
Oops, sorry, I messed up OAuth and OpenID. My fault, ignore me. > I can ask my XMPP server for a opaque token that I provide to my bot > and he can use that to authenticate. > > Having said that, I also like your "upload-certificate" idea. Combine OAuth with SASL for server login .... nice one. Use your XMPP connection to generate a token and give that to the new not-so-trusted client and it can log in with it. The client gives away its certificate for future logins. >>> Yes, what do we need from the server? In a perfect world I would hope >>> not to have to go through the server apart from the Jingle >>> negotiation? Ok, and IBB-Jingle fallback. >> >> In that case we need a SOCKS5 proxy or a TURN server. I prefer the >> TURN server but we lack ice-tcp support to use it. > > If you can negotiate a direct TCP (or TCP-like with order guarantees) > via ICE, much better. Direct should be possible if only one is behind a NAT or a firewall. If both are you need the help of a TURN server. Well, there is STUNT (STUN over TCP) but IMHO this is a bad hack and it won't work with all router. You could also add UPnP IGD to open a port on your router, or the similar method apple used (I can not remember the name right now, it is an IETF draft) or you can put a TURN server on your router. >> I also need the server to help me find a TURN server I can use if I >> need one. > > Isn't this a problem to be solved by the Jingle specs? Yes. On the list we only need to know that there is way to open a stream between clients. How we do that should be discussed on the jingle list. Dirk -- A)bort, R)etry, I)nfluence with large hammer.
