2009/10/7 Juha Heinanen jh@tutpro.com:
Iñaki Baz Castillo writes:
> SIP & XMPP integration is a hack!!
user simply chooses, based on ua capability, which protocol to use. why can't the same authentication data be used for both?
Of course both protocols can share the authentication backend (DB/LDAP/Radius...) but the fact is that authentication is done by two servers instead of just one, so issues as nonce reusage and such possible vulnerabilities appear twice in different ways.
> Yes, it's true that until now the only feasible IM and presence > solution is XMPP, but we are in SIP side! and we must extend the usage > of SIP for IM and presence (even if implementations are not mature > yet...).
this sounds religious and not very practical.
Of course, it was a pseudo-joke :)
However I think that we cannot rely forever on XMPP to fill the IM&presence requeriments in our VoIP/SIP networks. At some point we have to bet on SIP for IM and presence. Of course, this step requires having a *good* set of specificacions and good server implementations, let's work on it!