[JDEV] Standards

Thomas Charron tcharron at ductape.net
Thu Jan 27 08:54:50 CST 2000 

Quoting Jerrad Pierce <belg4mit at CALLOWAY.MIT.EDU>:
> >  Your opinion.  The 'long wrong' as you put it, is the way it's been for
> >nearly 30 years, and no ones right/wrong.  Your method also causes 'data
> >stagnation', aka, if it's ALWAYS in the config file, and I can move it
> around,
> >when do I actually have to enter my username/password?  Not to mention, it
> >also leads to the issue of what happens when someone get's their hands on
> that
> >file, eh?  Full access..  ;-P
> I beg to differ about stagnation. It prevents it, if you connect from
> multiple
> places it can mean they all have the same data. (Hence my allusion to
> Roaming
> Access in Netscape)

  Roaming access in netscape doesn't store your access passwords and IDs in a 
file..  ;-P  Pretty much, that's all you'd want stored, along with perhaps a 
username.  The stagnation occurs when you *never* have to actually type in your 
password.  I for one can say I have passwords I haven't used in over a year, 
and I'll be darned if I can remember every one of them.

> You can enter your name/pass in your client if you leave them out of the
> config file.

  Then you've lost 66% of the data you'd want stored there that couldn't be 
stored on the server..  ;-P

> The password should ideally never be sent up to the server. But hey, if
> you're
> not worried about security and using an open connection to logon, then what
> difference does it make if you send it once more in the clear? This is one
> reason I suggested two files...

  Err?  I think I'm misunderstanding you here.  Password never sent to the 
server?  That'd be fun..  The only other way would be to send some sort of 
hashed encrypted values on connection, for the client to then return something 
based on that hash, which, in reality, isn't all that bad of an idea.  I 
*think* that's what you meant..

> But different clients MAY share configurtion data, color schemes for
> example. Or hey, anybody remember twm? what about vtwm.gamma? vtwm.gamma
> could
> use a twm config file... 

  I suppose, if client developers want to include those capabilities, they 
can..  To each their own eye candy..  

> Also, as far as saving general jabber data goes, I think people have
> glossed
> over one of (IMHO) the good ideas, in being quick to discount the
> others....
> Namely mutltiple sets of config data... (default, work, home, etc.)

  Resources.  Plain in simple.

> Also, rememebr this would all be VOLUNTARY. Jabber clients need not comply
> with anything more than the Jabber protocol itself. Of course, if you don't
> make your client play nice it might not get used ;-P

  Good point.  As far as not getting used, well, that remains to be seen, I 
suppose..  ;-P

--- 
Thomas Charron
<< Wanted: One decent sig >>
<< Preferably litle used  >>
<< and stored in garage.  ?>>

More information about the JDev mailing list