Hello Philipp Thanks a lot for the input, and taking the time to read the proposal. I'll try to address your concerns one at a time:
> section 3.3.1 describes how to find an xmpp servers. The methods described > there aren't limited to iot (at least the dhcp one), so it might be a good > idea to split them off. Not sure how useful that is however. Ok. Can we break this out at a later stage? I agree it makes sense to have §3.3 in a separate XEP. But can we wait with this until Experimental phase, when it is more complete and we have experimented with it a bit? > section 3.4: > I don't think IBR should be recommended anymore. IoT requires automatic account creation. However, I agree it must also be secure, from the point of view of the server administrator, especially if servers are publically available. I will post a separate XEP soon, that provides a secure in-band registration mechanism that can be used by things. > section 3.5: > I would recommend moving the discovery to standard disco#items and to use > components (xep-0114) -- those are not much harder to write than standard > clients and have many advantages in terms of managability. Note sure here how this relates to 3.5. Was it a particular step you referred to? > Having hardcoded accounts like 'discovery' is a no-go imo, even with the > security considerations. Ok. Have removed the hardcoded accounts. > Affects all examples, but that might be a simple search-replace. Not really. The examples, are only examples. Now, with the hardcoded step discovery@domain, is just a JID, like any other. > section 3.11: > the comment from 3.5 applies here as well. Hardcoded accounts have been removed. > example 36 closes update instead of search. Updated. Best regards, Peter Waher