[Wocky] Jabber chatter blabber
Greg Hudson
ghudson at MIT.EDU
Fri Apr 28 11:56:37 EDT 2006
On Fri, 2006-04-28 at 11:46 -0400, Jerrad Pierce wrote:
> I saw the sidebar about Jabber in the recent Tech Talk, I'd like to point out
> that's inacccurate when claiming "Jabber is not a multi-protocol IM client,
> but IM clients that support jabber let you chat with users on..." This implies
> that it is the Jabber client doing the work (which is what a multi-protocol
> client does), when in fact it is the server which must be configured to act as
> a gateway.
When the server is configured to act as a gateway, it generally stores
the AIM (or MSN or whatever) username and password for each Jabber
client making use of that gateway. That is a rather insecure model of
credential management, and we don't recommend it for any MIT user. We
were, actually, talking about multi-protocol clients like Gaim. It
might have been clearer to put a word like "many" before "IM clients
that support jabber".
> Pedantics aside I have two questions about this, moving forward will there be
> a zephyr-jabber gateway? And will you be contributing to jwgc to bring it up
> to snuff (a drop in replacement for zwgc et al)? http://jwgc.blathersource.org
jwgc development looked pretty moribund when I grabbed it, so I have not
contributed patches upstream. But it is installed on Athena, with
GSSAPI authentication support (replacing the password authentication
support) and a bunch of bugfixes.
As to whether there will be a zephyr-jabber gateway: maybe. It's
something we've been looking into. Unlike most Jabber transports, we
could give our Jabber server a copy of the zephyr/zephyr keytab and let
it fake up Kerberos credentials to the Zephyr server, so that the server
would not need to store users' Kerberos passwords.
More information about the Wocky
mailing list