charset in DIGEST-MD5

Peter Saint-Andre stpeter at
Thu Jun 11 19:46:30 EDT 2009

Hash: SHA1

On 6/5/09 3:41 PM, Paul Aurich wrote:
> And Peter Saint-Andre spoke on 06/02/2009 10:09 AM, saying:
>> Someone just told me that Pidgin does not include charset in its SASL
>> DIGEST-MD5 data for XMPP. If charset is not included, RFC 2831 says that
>> the encoding is ISO 8859-1. That *might* cause a problem in XMPP because
>> usernames and passwords can include characters outside 8859-1. I don't
>> know if this has caused any problems in the wild, but I figured I would
>> mention it.
>> Ideally XMPP will transition away from DIGEST-MD5 altogether and move to
>> SCRAM, but that won't happen immediately.
>> More here:
>> Peter
> It seems Cyrus SASL doesn't ever include the charset in the generated
> responses, as the code path to do so is never executed. The next release of
> Pidgin will contain code that specifies the charset when Cyrus doesn't.

OK, sounds good. As I said, I don't know if this really causes problems
in reality, but it's good to be doing things the right way.

> Thanks,

No, thank you. :)


- --
Peter Saint-Andre

Version: GnuPG v1.4.8 (Darwin)
Comment: Using GnuPG with Mozilla -


More information about the Devel mailing list