[jdev] sasl digest-response

Andrew Plotkin erkyrath at eblong.com
Tue Apr 25 20:57:25 CDT 2006

On Sun, 23 Apr 2006, Bruce Campbell wrote:

> On Sat, 22 Apr 2006, [ISO-8859-2] Asia G?siewska wrote:
>> during digest- response. After reading RFC2831 I just don' t understand 
>> this part:
>> passwd   = *OCTET
>>   The "username-value", "realm-value" and "passwd" are encoded
>>   according to the value of the "charset" directive. If "charset=UTF-8"
>>   is present, and all the characters of either "username-value" or
>>   "passwd" are in the ISO 8859-1 character set, then it must be
>>   converted to ISO 8859-1 before being hashed.
>> What does it mean *OCTET
> '*OCTET' - as many octets (bytes, 8 bits) as required for the password.
>> and should I change everything everytime to iso 8859-1 ?
> The whole reference to ISO 8859-1 is to maintain compatibility with HTTP. The 
> way it works is that for the 'username-value' and 'password' fields, you scan 
> through the field looking for any characters that are _not_ in ISO 8859-1 . 
> If there are no characters outside ISO 8859-1 in the field, you send that 
> field in ISO 8859-1, assuming that the value of the 'charset' directive is 
> 'ISO 8859-1' for that specific field.

I'll repeat the observation I made a few weeks ago: when I implemented 
this paragraph strictly, my client stopped being able to connect to 
ejabberd. (When the username was in the ISO 8859-1 character set, but 
outside of pure ASCII.)

I went back to using UTF-8 everywhere, and it worked. So that's what I'm 
doing for the moment.

I haven't tested this with the new ejabberd 1.1.0.


"And Aholibamah bare Jeush, and Jaalam, and Korah: these were the borogoves..."
Just because you vote for the Republicans, doesn't mean they let you be one.

More information about the JDev mailing list