That sounds good. Would be good to have text stating that passwords of length 255 characters (the current max) shall be allowed. Requiring a minimum length of 8 or a least 6 characters would be good.
Cheers, John From: Emu <[email protected]> on behalf of Alan DeKok <[email protected]> Date: Wednesday, 25 January 2023 at 02:15 To: EMU WG <[email protected]> Subject: [Emu] draft-ietf-emu-rfc7170bis-03.txt and password length Section 4.2.14 (Basic-Password-Auth-Resp TLV) defines the length of the password "PassLen" as "Length of Password field in octets'. However, there is no requirement that the length be greater than zero. The same issue goes for the UserLen field. TBH, any password less than 8 octets should be viewed with great suspicion. I'll push some text, unless anyone has objections. Alan DeKok. _______________________________________________ Emu mailing list [email protected] https://www.ietf.org/mailman/listinfo/emu
_______________________________________________ Emu mailing list [email protected] https://www.ietf.org/mailman/listinfo/emu
