[Standards] summary: allowable characters
mridul at sun.com
Thu Aug 2 18:23:10 UTC 2007
Peter Saint-Andre wrote:
> OK, we have had a long long discussion thread about JID Escaping and
> nodeprep and allowable characters in JIDs etc. Here I summarize the
> discussion and draw some conclusions for those of you who have checked
> out. :)
> 1. Support for XEP-0106: JID Escaping (i.e., mapping of ' to \27 etc.)
> is needed only in certain specialized deployment situations -- mainly
> when an organization wants to reuse existing userids (e.g., email
> addresses) or gateway to other messaging systems.
> 2. We needed to define JID escaping because version 1 of nodeprep (see
> RFC 3920) prohibits including the characters SP " & ' / : < > @ in XMPP
> node identifiers. (See also XEP-0029.)
> 3. IIRC we prohibited some of those characters because very early Jabber
> clients didn't properly escape things like " & ' < > in XMPP 'to' and
> 'from' addresses.
> 4. One solution would be to define version 2 of nodeprep in rfc3920bis.
> As far as I can see, nodeprep2 would allow " & ' < > since those can be
> escaped in XML (e.g., XMPP 'to' address) as the predefined entities
> " & ' < >. I'm not sure why : was prohibited in the
> first place so that would be allowed. I suppose / was prohibited because
> it's used later in a full JID to differentiate the resource identifier,
> but in a node identifier I don't think it would be confusing so that
> would be allowed.
user/id at domain and domain/res at restofres cant be differentiated if / is
Btw, changing nodeprep now will cause quite a lot of problem with
existing deployments - since the contact jid's are part of the user data
- and would pretty much mean we cant adopt bis spec.
The number of deployments with these usecases are not as specialized as
it might seem.
> Clearly we can't allow @ because we use that character
> as a separator between the node identifier and the domain identifier. So
> nodeprep2 would be the same as nodepre1 except that it would disallow
> only the at-sign ("@"). (Naturally we can discuss this further...) As to
> how it is discovered that a server supports nodeprep2, I will post a
> separate message about that.
More information about the Standards