[Standards] JID Escaping

Ralph Meijer jabber.org at ralphm.ik.nu
Thu Aug 2 15:41:01 UTC 2007


On Thu, 2007-08-02 at 17:21 +0200, Robin Redeker wrote:
> It seems that at least the majority of the whidely deployed servers
> support \ in JIDs in DIGEST-MD5 SASL authentication due to faulty SASL
> DIGEST-MD5 implementations.
> 
> However, using the PLAIN authentication method seems to work!

Well yeah. As we discussed in the jdev room, the DIGEST-MD5 mechanism
keeps on piling up new issues. SASL lib devs are tired of its complexity
and incompatible implementations.

As was suggested in March in response to the unwillingness to go further
with the DIGEST-MD5 bis RFC (following RFC 4422), we should think about
dropping DIGEST-MD5 altogether in favour of something based around
SHA256, for example.

That said, I'm wondering if we should really try to go further with
general JID escaping. I'm sure in some edge cases, you would want to be
able to use apostrophes in user ids. But I think that that is rare. I've
never seen an e-mail address with an apostrophe.

Also, why go through all the effort to sync with e-mail addresses when
we have a far richer character repertoire in terms of non-latin
characters? Note that RFC2822 doesn't even allow umlauts, for example,
so you can never translate full names to usernames in either addressing
scheme.

Do we really need to have these extra characters?

-- 
Groetjes,

ralphm




More information about the Standards mailing list