charset in DIGEST-MD5

Peter Saint-Andre stpeter at stpeter.im
Tue Jun 2 13:09:25 EDT 2009


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Someone just told me that Pidgin does not include charset in its SASL
DIGEST-MD5 data for XMPP. If charset is not included, RFC 2831 says that
the encoding is ISO 8859-1. That *might* cause a problem in XMPP because
usernames and passwords can include characters outside 8859-1. I don't
know if this has caused any problems in the wild, but I figured I would
mention it.

Ideally XMPP will transition away from DIGEST-MD5 altogether and move to
SCRAM, but that won't happen immediately.

More here:

http://tools.ietf.org/html/rfc2831

http://tools.ietf.org/html/draft-ietf-sasl-digest-to-historic

http://tools.ietf.org/html/draft-ietf-sasl-scram

Peter

- --
Peter Saint-Andre
https://stpeter.im/

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.8 (Darwin)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iEYEARECAAYFAkolXMUACgkQNL8k5A2w/vxr8wCg75UdjoVNlIbl9cvweiqKh9Wt
1LoAniXTV1tklf3+uJZQ1otXZR7WjtXR
=yd4U
-----END PGP SIGNATURE-----




More information about the Devel mailing list