diff --git a/inbox/user-invite.xml b/inbox/user-invite.xml index 6a3f678d..fb694302 100644 --- a/inbox/user-invite.xml +++ b/inbox/user-invite.xml @@ -170,10 +170,67 @@ description and the expire information, so that Romeo can share it with Juliet by other means than XMPP, like e-mail or a QR code.

- -

+ +

The landing page that the generated URL points to should correspond to + the format described in XEP-0379 §3.3, and it needs to + convey the following information:

+ +

If the landing page is hosted by Romeo's server, the server MAY display + additional information based on the supplied TOKEN value, like the name + of the inviter or validity information.

 - + +

If Juliet does not have an XMPP client installed, she will not be able + to open the xmpp: link from the invitation page. + For this case, the landing page needs to indicate that a client must be + installed first, and that the link will not work as intended without. + The automatic installation of an appropriate IM client when a user + clicks on an xmpp: is outside of the scope of this + document.

+

With an XMPP client installed, Juliet can open the + xmpp: link and have the client process it + appropriately, as follows:

+ +

If Juliet's client is already configured with an account, the default + action for the presented + xmpp:inviter@example.com?roster;... URI is to add the + inviter to Juliet's roster. This should be performed as described in + §3.4 of XEP-0379, by sending a presence subscription + request containing the 'preauth' token.

+

If Juliet already has Romeo in her roster, her client should open the + appropriate chat interface instead.

+ + +

If Juliet's client does not have an XMPP account configured, she + needs to login or register an account first. Therefore, the client + should provide an interface with the following options:

+
    +
  • Login with an existing XMPP account.
    • +
  • Register an account with Romeo's server (if the URI contains a + ibr=y parameter).
    • +
  • Register an account with a public or client-endorsed server.
    • +
+

If the xmpp: URI provided by Romeo contains the + ibr=y parameter, it indicates that the server + supports the Pre-Authenticated In-Band + Registration defined in this document. If Juliet chooses this + approach, the server will ensure that after the registration, Romeo is + added to her roster with a full presence subscription.

If + Juliet chooses to login or register with a different server, her + client must complete the respective process and issue a subscription + request as described in §3.4 of XEP-0379.

+ + + +

If Romeo is the administrator of an XMPP server, he might want to + ensure that Juliet obtains an account on this server, with a username + defined either by Romeo or by Juliet, and in a way that does not require + the out-of-band communication of user passwords.

+

TODO: description of overall process steps, design motivation.

xmpp:example.com?register;preauth=TOKEN +

TODO: note about sensitivity of TOKEN

 - -

In order to allow invited users to register on a server, in-band - registration as defined in &xep0077; needs to be extended. - The invited user MUST send the following extended stanza in order to - register an account with a token.

+ +

In order to allow invited users to register on a server, the + registration processs as defined in &xep0077; needs to be extended. The + invited user's client MUST add a <preauth> element in the 'TODO' + namespace to the 'jabber:iq:register' query in order to inform the + server that it wants to perform Pre-Authenticated IBR:

@@ -257,6 +316,9 @@ ]]> +

If the server supports and is ready to perform Pre-Authenticated IBR, + it MUST add a <token> element to the response (TODO: 'token' or + 'preauth'?):

@@ -271,7 +333,7 @@ juliet m1cro$oft - TOKEN + BADTOKEN @@ -283,7 +345,7 @@ juliet m1cro$oft - TOKEN + OLDTOKEN