jdev - 2023-11-10

wellsfargo@exploit.im

.

has anyone an example of a invalid resource?

i struggle to find one

just use anything not in Unicode 3.2

otherwise the resource strings are pretty much free form

and you'd have to use control characters not available on a common keyboard to mess with them

such as U+FFFC

\0 is the easiest, I'd have thought.

Kev, try to send that over XMPP :)

That wasn't part of the assignment ;)

I took it as an implicit; otherwise, yes, \0 is the easiest (and also one of the hardest to type ;))

I'd just assumed we were talking about testing a JID validation function or something. You're just as likely to be right.

oh! U+200D isn't that uncommon, but prohibited via table C.2.2 ✏

And which RFC and Unicode version are we using for this exercise?

Zash: Yes.

There Is Only One.

https://www.rfc-editor.org/rfc/rfc6122 Got it!

U200D does not work for me

dont forget there is normalization in the process

oh, right

ah U+FFFC does the trick, thanks

the normalization probably kills U+200d away

*XMPP Community* Reminder to consider to join the upcoming XMPP Vision & Strategic Workshop We intend to discuss our organization and future of the technology we use, develop and thrive across the XMPP Community. Date: Tue, 14th November 2023 Time: 6:00 - 9:00 pm UTC Online & in English Questions: https://xmpp.org/chat?xsf Everyone welcome - spread the word! https://fosstodon.org/@xmpp/111387292602565749

hm .. precis allows U+FFFC

My nirmal test is a resource with 🤯

also allowed by precis

its easy to find something thats not allowed by stringprep

Isn't stringprep the only thing that matters?

Hm actually its a obsolete standard

And also the only one that matters :)

In what way is it obsolete?

as in it is superseeded by another rfc

just that now everybody wants to ignore it, i would expect the XSF to act in some way if it thinks it was a error to publish this RFC

Just think of it as the MIX of address specifications...

yeah with the small difference that MIX did not supersede the MUC protocol ...

FWIW for Prosody I'm mostly waiting for ICU to gain support for the newer thing.

lovetox, so just like PRECIS hasn't superseeded STRINGPREP

references in RFC metadata notwithstanding

it says right there in the header

Obsoletes: 6122

but im not an expert of RFC process things

maybe im misunderstanding this

You underestimate the power of implementations.

I'm not sure I've ever seen an implementation if precis. Not that most things validate JIDs at all either way

It's just a word and a number until implementations follow them.

singpolyma, you mean on a server?

Concersations supported precis at one point, Gajim supports it since a few years

I meant clients and libraries mostly

Conversations didn't until recently, but they've followed me and do stringprep now

ok but then you knew an implementation ...

Of what?

Of precis? No, I haven't seen one

Usually it's no validation, sometimes it's stringprep

what are we talking about now, if you seen the code with your eyes? or do you mean implementing the precis standard itself in a library?

i thought we talking about clients using precis

What code did I see with my own eyes?

Conversations did not use precis

It used no validation at all

did you not just say > Conversations didn't until recently

Didn't validate until recently

im pretty sure at one point it used precis for something and then reverted

but maybe im remembering it wrong

anyway, it does not really matter if something uses it or not

i asked from a standards point of view, if this is dead

https://unicode-org.atlassian.net/browse/ICU-11981 might be resolved .. any day now

and how does that solve the migration problem?

I'm not going to worry about some problem until that day