[Standards] JID Escaping

Robin Redeker elmex at x-paste.de
Thu Aug 2 15:21:46 UTC 2007


On Fri, Jul 27, 2007 at 02:32:39PM -0600, Peter Saint-Andre wrote:
> Matthias Wimmer wrote:
> > Robin Redeker schrieb:
> >> I propose to rename the XEP to make clear that this escaping/unescaping should
> >> only happen in very rare cases (only at gateways or heavily specialized client
> >> frontends). And that the terms 'escaping' and 'unescaping' are replaced by
> >> 'mapping' and 'unmapping', because thats what is happening here.
> > 
> > +100
> 
> Well, it's interesting, on the ejabberd list today someone said they
> have an existing database of 45k email users and they want to offer
> Jabber services to that user population, but re-use the same usernames.
> I'm sure they have some users in there with addresses containing
> characters like single quote, e.g., tim.o'reilly at domain.tld. In which
> case I bet that they'll be interested in using JID Escaping.
> 
> I really feel that this discussion is not going anywhere. The spec is
> IMHO pretty clear. If you don't like the spec, don't implement it.

Ok, update on \ quoting:

I tried to register users with \ in their nodepart in servers and
authenticate via SASL DIGEST-MD5. These servers didn't work:

- ejabberd (eg. at jabber.org)
- jabberd2 (with gnusasl as SASL backend, DIGEST-MD5 code broken,
            scod however works)
- openfire at igniterealtime.org

I already filed a bugreport against ejabberd, they seem to have also
their own code to handle DIGEST-MD5 as far as I understood the code.

I filed a bugreport to ejabberd and it seems to be fixed sometime
( see http://www.jabber.ru/bugzilla/show_bug.cgi?id=362 ).
I also informed the jabberd2 author about the problem with gnusasl.

It seems that there are versions of jabberd2 which support it, eg.  the
server jabber.wavenet.pl which uses: jabberd sm 2.0s6. I confirmed that
that version uses their own sasl implementation.

igniterealtime.org seems to use "Openfire Enterprise 3.4.0 Alpha 2".

ejabberd seemed neither to work on jabber.org nor my local setup,
neither versions 1.1.2 nor 1.1.3 seemed to work.

If someone tests with ejabberd and does NOT get an error he should try
to use a client that actually not has a quoting bug too. tkabber for
example doesn't quote the \ in the sasl response, so as ejabberd doesn't
unquote they play fine with each other. Of course tkabber will blow up
on servers that do right unquoting (confirmed that with
jabber.wavenet.pl).

This is the state of \ in JIDs and DIGEST-MD5 in the current public
server network, one might want to look at this statistic:
http://www.ta-sa.org/files/txt/a5cc5ae8318c76f40f9912daff6ef6af.txt

That are 680 version responses from various public servers advertised on
xmpp.org.ru, xmpp.net and jabber.org.
(btw. I sent requests to 713 servers, but 33 seemed not to be reachable
or didn't support the software version feature).

It seems that at least the majority of the whidely deployed servers
support \ in JIDs in DIGEST-MD5 SASL authentication due to faulty SASL
DIGEST-MD5 implementations.

However, using the PLAIN authentication method seems to work!



Robin



More information about the Standards mailing list