On Jan 25, 2023, at 3:21 AM, John Mattsson <[email protected]> wrote: > > That sounds good. Would be good to have text stating that passwords of length > 255 characters (the current max) shall be allowed.
It can be stated in the text, but the 8-bit length field definitely limits user names / passwords to 255 characters. > Requiring a minimum length of 8 or a least 6 characters would be good. I'd be hesitant to put that at as a MUST. But it should be clear that short passwords are NOT RECOMMENDED. And I noticed there's nothing on identities, or identity formats. It's probably worth adding a reference to https://datatracker.ietf.org/doc/html/draft-ietf-emu-tls-eap-types-10#section-3.1 Alan DeKok. _______________________________________________ Emu mailing list [email protected] https://www.ietf.org/mailman/listinfo/emu
