7 Oct
2009
7 Oct
'09
11:10 a.m.
2009/10/7 Juha Heinanen <jh(a)tutpro.com>om>:
Of course, it was a pseudo-joke :)
However I think that we cannot rely forever on XMPP to fill the
IM&presence requeriments in our VoIP/SIP networks. At some point we
have to bet on SIP for IM and presence. Of course, this step requires
having a *good* set of specificacions and good server implementations,
let's work on it!
--
Iñaki Baz Castillo
<ibc(a)aliax.net>
Iñaki Baz Castillo writes:
Of course both protocols can share the authentication backend
(DB/LDAP/Radius...) but the fact is that authentication is done by two
servers instead of just one, so issues as nonce reusage and such
possible vulnerabilities appear twice in different ways.
SIP & XMPP integration is a hack!!
user simply chooses, based on ua capability, which protocol to use. why
can't the same authentication data be used for both? Yes, it's
true that until now the only feasible IM and presence
solution is XMPP, but we are in SIP side! and we must extend the usage
of SIP for IM and presence (even if implementations are not mature
yet...).
this sounds religious and not very practical.