[Standards] JID Escaping
mridul at sun.com
Tue Jul 31 04:36:14 UTC 2007
Mridul Muralidharan wrote:
> Peter Saint-Andre wrote:
>> Mridul Muralidharan wrote:
>>> Peter Saint-Andre wrote:
>>>> Mridul Muralidharan wrote:
>>>>> For the server, this xep is required since its user population could
>>>>> include users which have these prohibited characters in the uid .. and
>>>>> so requires it to identify the backend user (hence need to
>>>> Well it's really required only if you have customers who want to port
>>>> existing UserIDs (e.g., email addresses) to JIDs.
>>> Unfortunately, this is a very frequent deployment.
>> Personally I think this is fortunate -- organizations are rolling out
> Unfortunate from point of view of xmpp nodeprep :-)
> It is a necessary feature to support - especially when deployments tend
> to use single sign on (SSO) for all internal servers.
>> Jabber services to their large installed base of email users. Let's ask
>> ourselves how we can make that easier. Enabling those organizations to
>> map existing userids to JIDs makes sense. Saying "you can't re-use
>> existing userids so some of your users will need to have different
>> addresses or not use Jabber at all" makes no sense.
>> Email allows the following characters that are disallowed in JIDs (by
>> which I mean local-part of email address and node identifier portion of
> There are lot of cases where email gets used 'as-is' also as xmpp node.
> But there are other sso schemes where the other prohibited characters
> also can get used.
>> So IMHO the focus should be on those characters (the same mapping
>> applies to SIP addresses, which might be re-used in the same way that
>> email addresses are re-used, though I see that as less likely).
>> And again I ask, is that "gatewaying" or the automated construction of a
>> native XMPP address from an existing userid? I don't know that it makes
>> much of a difference really, but to me gatewaying is for exchange of
>> messages between different communication systems, not pure address
>> mapping to re-use userids.
>>> It is not that is only mailid which has this issue - there are also SSO
>>> mechanism of form uid at realm.
>> But is uid at realm going to be re-used as an XMPP node identifier?
> Simple scenario - user\40realm1 at domain approves contact\40realm2 at domain
> (note - same domain) subscription : for server to 'find out' the backend
> store for contact at realm2, it will need the whole uid - 'contact' by
> itself wont do : in a lot of cases, the server would have direct control
> over the backend anyway, and will need to go through sso api which
> expect the full identifier for the users.
> In the example above, I explicitly called it realm - though usually
> different realm's get mapped to different domains. It could have been
> anyother identifier which is global to the SSO system in place.
More information about the Standards