Skip to Content.
Sympa Menu

wg-pic - Re: [wg-pic] Some thoughts about JIDs and the Spring I2MM.

Subject: Presence and IntComm WG

List archive

Re: [wg-pic] Some thoughts about JIDs and the Spring I2MM.


Chronological Thread 
  • From: Peter Saint-Andre <>
  • To:
  • Subject: Re: [wg-pic] Some thoughts about JIDs and the Spring I2MM.
  • Date: Fri, 01 Feb 2008 10:31:31 -0700
Rodney McDuff wrote:
> Hi All
> For a shibbolize XMPP account registration service (gotta find a
> acronym for that) I been thinking about cake; namely how to eat my cake
> and keep it aswell. For this argument lets assume that the JID domain we
> use for the demo is xmpp.internet2.edu (which by the way is free). A
> simple way to go forward is that once a person has logged into the
> registration service they'll pick a name like 'bob' (that hasn't been
> used yet) and their JID will be
> ''.
> While we might
> be patting ourselves on the backs re 'leveraging federated identity
> management' will people get it. Whats the difference between
> ''
> and
> ''
> especially as we can't at
> this stage use a person institutional credentials login the jabber server.

One difference is that anyone can register an account at the jabber.org
service. Presumably that's not true for the xmpp.internet2.edu service.

> Perhaps we can recover some of the 'leveraging federated identity
> management' brownie points by get an institution asserted value for the
> username part of the JID; rather that it being self-asserted by the
> user. One possibility is that we request an email address (or
> eduPersonPrincipleName) attribute from the person's IdP; say for example
> ''.
> The constructed JID for this case could be
> 'deke%'.
> This may look a bit ugly but it
> definitely implies that we are talking about a 'deke' at the University
> of Pennsylvania.

Maybe it does. :) It does if it's a published policy of the
xmpp.internet2.edu service to grant JabberIDs only to individuals
associated with Internet2 consortium members, and to form such JabberIDs
using the syntax you describe.

Deke could just as well request the following account:

deke%

That looks meaningful but it isn't, because jabber.org has no service
policy regarding the Jabber IDs it grants.

BTW, you could alternatively use JID Escaping (XEP-0106), which would
result in:

deke\

I am not sure how the majority of jabber clients will display that, but
the idea is that they would unescape \40 to '@' as explained here:

http://www.xmpp.org/extensions/xep-0106.html

Peter

--
Peter Saint-Andre
https://stpeter.im/

Attachment: smime.p7s
Description: S/MIME Cryptographic Signature


Archive powered by MHonArc 2.6.16.

Top of Page