[jdev] saslprep and nodeprep

Peter Saint-Andre stpeter at stpeter.im
Wed Sep 26 15:38:21 UTC 2012 

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On 9/26/12 9:29 AM, Waqas Hussain wrote:
> On Tue, Sep 25, 2012 at 11:50 PM, Peter Saint-Andre
> <stpeter at stpeter.im> wrote:
>> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
>> 
>> Just FYI, I compared SASLprep (RFC 4013) and Nodeprep (RFC 3920) 
>> recently and it seems that any XMPP localpart that conforms to 
>> Nodeprep also conforms to SASLprep
> 
> Correct. A localpart conforming to nodeprep also conforms to
> saslprep.
> 
>> , so there is no need to perform separate SASLprep processing in
>> XMPP client and server code. If you disagree with my conclusions,
>> please let me know. :)
>> 
>> Peter
> 
> Not true. SASLprep maps non-ASCII space characters [StringPrep,
> C.1.2] to SPACE (U+0020). Nodeprep forbids C.1.2 characters.

Right, so a string that passes Nodeprep will not include non-ASCII
space characters. Thus there's no need to map those characters to
U+0020 as in SASLprep, since they won't be in the string.

> A string with non-ASCII space characters needs to be saslprepped
> before it can pass nodeprep.

Why would you saslprep a string before nodeprepping it? It seems more
natural to nodeprep a string before saslprepping it (since this is
XMPP and you'll need to nodeprep it anyway at some point), in which
case you can just do nodeprepping and not worry about saslprepping.

> Of course, we can get away with just replacing spaces rather than
> full saslprep.
> 
> Also, all this only applies if the SASL authentication string is
> an XMPP localpart :)

Yes, true, and that depends on the SASL mechanism being used, etc.

> Aside: I've been analyzing our various old stringprep profiles
> (their overlap, etc), and will soon be comparing them the new
> stringprep.

Great, because I'm going to push for a working group last call soonish
on draft-ietf-xmpp-6122bis. :)

Peter

- -- 
Peter Saint-Andre
https://stpeter.im/


-----BEGIN PGP SIGNATURE-----
Version: GnuPG/MacGPG2 v2.0.18 (Darwin)
Comment: Using GnuPG with Mozilla - http://www.enigmail.net/

iEYEARECAAYFAlBjIW0ACgkQNL8k5A2w/vxckwCguYvn8vaeKNTjCg2tNv0XR3Z7
dZwAoJswhFD4j1IdvWEcIFDvGHOs8BWk
=ZV5e
-----END PGP SIGNATURE-----

More information about the JDev mailing list