-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 FYI (following up on open issues from the Vancouver meeting)...
- -------- Original Message -------- Subject: [kitten] changing "mapped to nothing" in SASLprep-bis Date: Thu, 13 Sep 2012 15:25:07 -0600 From: Peter Saint-Andre <[email protected]> To: [email protected] <[email protected]> Dear SASL experts, RFC 4013 states that certain Unicode code points that are commonly mapped to nothing (see Appendix B.1 of RFC 3454) can indeed be so mapped when preparing passwords (and usernames) in SASLprep. In working on draft-melnikov-precis-saslprepbis (which is intended to obsolete RFC 4013), Alexey Melnikov and I have followed the general approach of the PRECIS framework (and before that IDNA2008) by specifying that such code points would simply be disallowed. In Unicode 3.2 there are only 27 code points that are affected by this rule (e.g., U+00AD = SOFT HYPHEN), and since currently they are mapped to nothing they would not be stored in an authentication database. However, users might have included such characters in their usernames or passwords and thus might expect to input those characters when providing usernames or passwords for authentication purposes. Therefore, if we change these code points from "mapped to nothing" to disallowed, it is possible a small number users might experience an error when inputting these characters with updated versions of their software, instead of the smooth operation they experienced in the past. Alexey and I would like to solicit feedback on this issue from participants in the KITTEN WG and especially from those who have implemented and deployed software that uses SASLprep. Please send your feedback to the [email protected] list or directly to me and Alexey. Thanks! Peter _______________________________________________ Kitten mailing list [email protected] https://www.ietf.org/mailman/listinfo/kitten -----BEGIN PGP SIGNATURE----- Version: GnuPG/MacGPG2 v2.0.18 (Darwin) Comment: Using GnuPG with Mozilla - http://www.enigmail.net/ iEYEARECAAYFAlBST2oACgkQNL8k5A2w/vyTAwCeNrPbFeFTvj/qvYpsE2PRb/bs Fs0An2df/4NHg03Dw4WR32bqStlDmvS2 =ZTZQ -----END PGP SIGNATURE----- _______________________________________________ precis mailing list [email protected] https://www.ietf.org/mailman/listinfo/precis
