[ejabberd] Facebook transport

Michael Ossareh michael at heysan.com
Tue Sep 30 21:28:11 MSD 2008


On Tue, Sep 30, 2008 at 5:18 AM, Mickaël Rémond
<mickael.remond at process-one.net> wrote:
> Hello,
> Le 30 sept. 08 à 14:12, Simon Tennant a écrit :
>
> Michael Ossareh wrote:
>
> We have facebook integrated through XMPP. They're not doing a full
>
> launch for some reason. I spoke to Henri at facebook and he was rather
>
> skittish about XMPP access; citing security reasons for not wanting
>
> facebook users to input their username/passwords for facebook into
>
> other sites.
>
> This is good to know.  And the "right" way to have it working. I can
> understand their fear of users entering passwords outside of Facebook.
> Still it would be nice if they opened their platform to openID.
>
> They can implement delegated credentials that will only provide limited
> rights (through OAuth for example).

I suggested this and their feedback was that they do  not believe this
will work; people only have one password - asking their users to have
a "less secure" password didn't work. I suggested that they use OAuth
(which would be bad for us) and then the topic of fooling users into
non-official facebook branded sites came up. Overall - it just feels
like they're being overly paranoid.

> --
> Mickaël Rémond
>  http://www.process-one.net/
> _______________________________________________
> ejabberd mailing list
> ejabberd at jabber.ru
> http://lists.jabber.ru/mailman/listinfo/ejabberd
>
>



-- 
"Don't go through life, grow through life."
- Eric Butterworth


More information about the ejabberd mailing list