headers
Alexander Gnauck | 2 Jul 20:41
Picon
Favicon
Gravatar

XSF membership application period Q3/2009

The XMPP Standards Foundation (XSF) is currently holding its quarterly
membership application period:
http://wiki.xmpp.org/web/Membership_Applications_July_2009

Applications are encouraged from developers and others who are
actively involved in the Jabber/XMPP community. To apply, create a
page about yourself on the wiki.

If you don't have a wiki account, send your name, preferred nickname
and email address to me or one of the other Sysops:
http://wiki.xmpp.org/index.php/Sysops

The application period ends on 19th July 2009 23:59h UTC, so apply today!

Regards,
Alex
--
Alexander Gnauck
xmpp:gnauck <at> jabber.org
Permalink | Reply | 1 comment |
headers
Tuomas Koski | 5 Jul 01:10
Picon
Gravatar

Re: XSF membership application period Q3/2009

Hi Alexander,

2009/7/2 Alexander Gnauck <gnauck <at> ag-software.de>:
> If you don't have a wiki account, send your name, preferred nickname
> and email address to me or one of the other Sysops:
> http://wiki.xmpp.org/index.php/Sysops

I think I'll apply. Could you create me a Wiki account to do it? Here
is the requested information:

Tuomas Koski
tkoski
koski.tuomas <at> gmail.com

Best Regards and have a great weekend!
--
Tuomas Koski
_______________________________________________
JDev mailing list
Forum: http://www.jabberforum.org/forumdisplay.php?f=20
Info: http://mail.jabber.org/mailman/listinfo/jdev
Unsubscribe: JDev-unsubscribe <at> jabber.org
_______________________________________________
Permalink | Reply | 0 comments |
headers
Jonathan Dickinson | 6 Jul 13:02
Gravatar

SAML

Has anyone thought about how SAML [Security Assertion Markup Language] would work in terms of SASL <http://en.wikipedia.org/wiki/Saml> and XMPP? This is especially interesting regarding the whole OpenID/SSO discussion a while back; SAML isn’t bound to HTTP or any other client for that matter (don’t get the wrong idea from the abundance of HTTP documentation – it will work in any transport).

 

I have been reading a bit about SAML and it looks like they do B64 the SAML XML, with no explanation. It seems a bit strange to B64 an XML fragment in a SOAP document (or an XMPP stream for that matter) – maybe it has to do with the WS-Security schema.

 

As far as XMPP 1.0 goes we probably would have to B64 the fragment; but here are my initial thoughts on XMPP 2.0:

 

Possibly:
<mechanism type="http://www.w3.org/XML/1998/namespace">SAML</mechanism>

 

Which gives raise to:

<mechanism type="urn:xmpp:tmp:text-plain">PATHETIC</mechanism><!-- something like [name];[password] -->

 

And implicitly:

<mechanism type="urn:xmpp:tmp:base64">DIGEST-MD5</mechanism>

 

Indeed, we could go as far as to turn it into a feature on its own. It does support SASL-like mechanism selection itself; it should be possible to jippo SASL right in there:

 

<stream:features>

     <mechanisms xmlns='urn:ietf:params:xml:ns:xmpp-sasl'>

       <mechanism>DIGEST-MD5</mechanism>

       <mechanism>PLAIN</mechanism>

       <mechanism>EXTERNAL</mechanism>

     </mechanisms>

     <saml xmlns='http://the/saml/namespace'/>

</stream:features>

 

-- Jonathan

 

 

_______________________________________________
JDev mailing list
Forum: http://www.jabberforum.org/forumdisplay.php?f=20
Info: http://mail.jabber.org/mailman/listinfo/jdev
Unsubscribe: JDev-unsubscribe <at> jabber.org
_______________________________________________
Permalink | Reply | 501 comments |
headers
Peter Saint-Andre | 6 Jul 21:01
Favicon

Re: SAML


On 7/6/09 5:02 AM, Jonathan Dickinson wrote:
> Has anyone thought about how SAML [Security Assertion Markup Language]
> would work in terms of SASL <http://en.wikipedia.org/wiki/Saml> and
> XMPP? This is especially interesting regarding the whole OpenID/SSO
> discussion a while back; SAML isn’t bound to HTTP or any other client
> for that matter (don’t get the wrong idea from the abundance of HTTP
> documentation – it will work in any transport).

You want to use SAML to authenticate with the server, or to provide
authorization for accessing certain resources (e.g., a chatroom) after
you have authenticated?

IMHO SAML is more focused on authorization than authentication:

http://mail.jabber.org/pipermail/standards/2004-July/005804.html

Yes, it would be possible to define a SASL mechanism for SAML, but
that's outside the scope of XMPP (it's something that people would
define in the SASL WG, I think).

Peter

--
Peter Saint-Andre
https://stpeter.im/
Permalink | Reply | 501 comments |
headers
Peter Saint-Andre | 7 Jul 20:51
Favicon

REMINDER: free XMPP Summit, San Jose, CA, July 20-21


This is just a reminder that the XSF will hold an XMPP Summit on July
20-21 in San Jose, California. This is the premier gathering of XMPP
geeks on the planet, held twice a year (once in North America and once
in Europe). If you want to participate in part or all of the Summit,
please post to the summit <at> xmpp.org list. Details here:

http://xmpp.org/summit/summit7.shtml

Thanks!

Peter

--
Peter Saint-Andre
https://stpeter.im/
Permalink | Reply | 0 comments |
headers
Surki | 10 Jul 14:37
Picon

Is there a server implementation of XEP-0257

Hello jdev,

I have been looking at the possibility of using XMPP for an embedded device presence notification scenario.
To have a passwordless login, and also to manage the certificates I see that there is an experimental XEP (XEP-0257).

I am wondering if you are aware of any xmpp server implementation that has this XEP ?

Thanks,
Surki

PS: Someone was speaking about the client for 0257 here: http://mail.gnome.org/archives/seahorse-list/2009-January/msg00006.html, so I presumed there might be a server implementation too.

_______________________________________________
JDev mailing list
Forum: http://www.jabberforum.org/forumdisplay.php?f=20
Info: http://mail.jabber.org/mailman/listinfo/jdev
Unsubscribe: JDev-unsubscribe <at> jabber.org
_______________________________________________
Permalink | Reply | 1 comment |
headers
Peter Saint-Andre | 10 Jul 16:50
Favicon

Re: Is there a server implementation of XEP-0257


On 7/10/09 6:37 AM, Surki wrote:
> Hello jdev,
> 
> I have been looking at the possibility of using XMPP for an embedded
> device presence notification scenario.
> To have a passwordless login, and also to manage the certificates I see
> that there is an experimental XEP (XEP-0257).
> 
> I am wondering if you are aware of any xmpp server implementation that
> has this XEP ?

Not that I know of. The spec is quite new and experimental.

Peter

--
Peter Saint-Andre
https://stpeter.im/
Permalink | Reply | 0 comments |
headers
Robin Redeker | 12 Jul 13:14
Gravatar

Re: [Fwd: Alertbox: Stop Password Masking]

On Wed, Jun 24, 2009 at 08:45:50AM -0600, Peter Saint-Andre wrote:
> Interesting usability study for all you client developers...
[.snip.]
> Usability suffers when users type in passwords and the only feedback
> they get is a row of bullets. Typically, masking passwords doesn't even
> increase security, but it does cost you business due to login failures.

Interesting. This reminds me of psi, which obfuscates the passwords in
the configuration file, in case someone peeks at your screen while you
edit the configuration file.

Greetings,
   Robin

--

-- 
Robin Redeker                         | Deliantra, the free code+content MORPG
elmex <at> ta-sa.org / r.redeker <at> gmail.com | http://www.deliantra.net
http://www.ta-sa.org/                 |
_______________________________________________
JDev mailing list
Forum: http://www.jabberforum.org/forumdisplay.php?f=20
Info: http://mail.jabber.org/mailman/listinfo/jdev
Unsubscribe: JDev-unsubscribe <at> jabber.org
_______________________________________________
Permalink | Reply | 0 comments |
headers
Soumyadipta De | 13 Jul 09:14
Picon

XMPP Related Help

Hi,

I am new to XMPP/Jabber world. Please accept my apology for posting questions from the beginning.

Actually i am looking for an interface through which a XMPP client can communicate with IM, MSN, Gtalk and Skype. I have found Open fire (http://www.igniterealtime.org/projects/openfire/) but it doesn't support Skype. It will be really help ful if i got a opensource link which fulfills my requirement.

AlsoI i have posted this mesage in the wrong forum please forgive me.

Thanks In Advance,
Soumyadipta De

_______________________________________________
JDev mailing list
Forum: http://www.jabberforum.org/forumdisplay.php?f=20
Info: http://mail.jabber.org/mailman/listinfo/jdev
Unsubscribe: JDev-unsubscribe <at> jabber.org
_______________________________________________
Permalink | Reply | 3 comments |
headers
Tomasz Sterna | 13 Jul 10:01
Favicon
Gravatar

Re: XMPP Related Help

On pon, 2009-07-13 at 08:14 +0100, Soumyadipta De wrote:
> Actually i am looking for an interface through which a XMPP client can
> communicate with IM, MSN, Gtalk and Skype. I have found Open fire
> (http://www.igniterealtime.org/projects/openfire/) but it doesn't
> support Skype. It will be really help ful if i got a opensource link
> which fulfills my requirement.

You need a running Skype client to communicate with Skype network, so
gateway creation is at least hard.

But there are client plugins that could use a running Skype instance.
See http://eion.robbmob.com/ for example.

--

-- 
Tomasz Sterna
Instant Messaging & EDI Consultant
Open Source Developer
http://tomasz.sterna.tv/  http://www.xiaoka.com/

_______________________________________________
JDev mailing list
Forum: http://www.jabberforum.org/forumdisplay.php?f=20
Info: http://mail.jabber.org/mailman/listinfo/jdev
Unsubscribe: JDev-unsubscribe <at> jabber.org
_______________________________________________
Permalink | Reply | 2 comments |

Gmane