5

I have added International Domain Name support to an XMPP client as specified in RFC 6122. In the RFC it states:

Although XMPP applications do not communicate the output of the ToASCII operation (called an "ACE label") over the wire, it MUST be possible to apply that operation without failing to each internationalized label.

However, with the domain I have available for testing (running Prosody 0.9.4; working on getting feedback from someone else about how Ejabberd handles this), sending a Unicode name in the "to" field of an XMPP stanza causes them to immediately return an XMPP error stanza and terminate the stream. If I apply the toASCII operation before sending the stanza, the connection succeedes, and I can begin authentication with the server.

So sending:

<somestanza to="éxample.net"/>

Would cause an error, while:

<somestanza to="xn--xample-9ua.net"/>

works fine.

Is it correct to send the ASCII representation (ACE label) of the domain like this? If so, what does the spec mean when it says that "XMPP applications do not communicate the output of the ToASCII operation ... over the wire"? If not, how can I ensure compatibility with misbehaving servers?

Sam Whited
  • 6,880
  • 2
  • 31
  • 37
  • What server (and server software) did you test that with? – Etan Reisner Nov 12 '14 at 19:01
  • The XMPP-ADDR spec seems to fairly clearly say that sending an ACE label over the wire is not intended. It even says that if a server receives one it SHOULD convert that with `ToUnicode`. – Etan Reisner Nov 12 '14 at 19:04
  • @EtanReisner Oops; I tested with a server running Prosody 0.9.4; waiting on feedback on how ejabberd handles this at the moment. I thought the spec was pretty clear too, but a few other public servers (unsure what they're running) seem to be showing this same behavior (they could all be using Prosody for all I know though). – Sam Whited Nov 12 '14 at 19:47
  • I should also clarify that when connecting with an XMPP client that claims to support IDN's and tcpdump-ing the connection it appears to work (by sending the ACE label over the wire). I don't see it sending a Unicode label, failing, then retrying with the ACE label which is why I wondered if it was a widely agreed upon deviation from the spec or me misunderstanding the spec. – Sam Whited Nov 12 '14 at 20:14
  • The RFC also states that you need to apply nameprep on the domainpart. – Flow Nov 13 '14 at 00:14
  • @Flow If I'm not mistaken (and I very well may be), nameprep is applied as part of the IDNA2003 ToASCII operation. – Sam Whited Nov 13 '14 at 01:20
  • Possible, but the thing is that you don't put the ACE label on the wire. You just perform what's defined in RFC 6122 2.2. The RFC tries to say that only if it's possible to transform the domainpart string to an ACE label it's a valid domainpart. It clearly says that you should not send it over the wire (e.g. by including it in a to/from attribute of a stanza). I don't think that `to="éxample.net"` should cause an error. I've just put `éxample.net` into libidn's `Stringprep.nameprep(String)` method and the output was (again) `éxample.net`. So chances are good that it's valid. – Flow Nov 14 '14 at 14:14

0 Answers0