-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 FYI, I finally remembered to ping the KITTEN WG about an issue that was raised in Berlin...
Peter - -------- Original Message -------- Subject: Re: [kitten] Fwd: Re: [precis] I-D Action: draft-ietf-precis-saslprepbis-04.txt Date: Mon, 09 Sep 2013 17:41:30 -0600 From: Peter Saint-Andre <[email protected]> To: [email protected] <[email protected]> Dear KITTEN WG, Your feedback would be appreciated on this I-D. This version incorporates the input that Alexey and I received from folks here, as well as discussion at the PRECIS WG session in Berlin: http://www.ietf.org/proceedings/87/minutes/minutes-87-precis One question in particular regarding preparation of usernames, especially for Nico since he suggested the original text... Version -03 said: 3. Uppercase and titlecase characters MAY be mapped to their lowercase equivalents. In version -04, based on PRECIS WG discussion, we changed that to: 3. Uppercase and titlecase characters SHOULD be mapped to their lowercase equivalents (not doing so can lead to false positives during authentication and authorization, as described in [RFC6943]). The rationale was that we really don't want to give people a gun to shoot themselves with. Some folks in the PRECIS WG session leaned even to "MUST" here, but SHOULD with an explanation of the consequences was a compromise position. In any case, the original MAY seemed way too weak to folks in the PRECIS WG. Please let us know if you have grave concerns about the text in -04. Thanks! Peter On 8/12/13 10:38 AM, Peter Saint-Andre wrote: > FYI. > > > -------- Original Message -------- Subject: Re: [precis] I-D > Action: draft-ietf-precis-saslprepbis-04.txt Date: Sun, 04 Aug > 2013 18:06:49 -0600 From: Peter Saint-Andre <[email protected]> > To: [email protected] > > Changes to address discussion in the WG session on Friday. I did > this work in airports and on planes today, so I would not be > surprised if the text isn't perfect... > > On 8/4/13 6:04 PM, [email protected] wrote: >> >> A New Internet-Draft is available from the on-line >> Internet-Drafts directories. This draft is a work item of the >> Preparation and Comparison of Internationalized Strings Working >> Group of the IETF. >> >> Title : Preparation and Comparison of >> Internationalized Strings Representing Usernames and Passwords >> Author(s) : Peter Saint-Andre Alexey Melnikov Filename >> : draft-ietf-precis-saslprepbis-04.txt Pages : 14 Date >> : 2013-08-04 >> >> Abstract: This document describes how to handle Unicode strings >> representing usernames and passwords. This profile is intended >> to be used by protocols that exchange or otherwise make use of >> usernames and passwords. This document obsoletes RFC 4013. >> >> >> The IETF datatracker status page for this draft is: >> https://datatracker.ietf.org/doc/draft-ietf-precis-saslprepbis >> >> There's also a htmlized version available at: >> http://tools.ietf.org/html/draft-ietf-precis-saslprepbis-04 >> >> A diff from the previous version is available at: >> http://www.ietf.org/rfcdiff?url2=draft-ietf-precis-saslprepbis-04 >> >> >> >> Please >> note that it may take a couple of minutes from the time of submission >> until the htmlized version and diff are available at >> tools.ietf.org. >> >> Internet-Drafts are also available by anonymous FTP at: >> ftp://ftp.ietf.org/internet-drafts/ >> >> _______________________________________________ precis mailing >> list [email protected] >> https://www.ietf.org/mailman/listinfo/precis >> -----BEGIN PGP SIGNATURE----- Version: GnuPG/MacGPG2 v2.0.19 (Darwin) Comment: GPGTools - http://gpgtools.org Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/ iQIcBAEBAgAGBQJSLlzdAAoJEOoGpJErxa2psbEP/RPS9Y/tPbD/pgp690b13ccr s7mvOzFm8eYGxGdMY/MR5zgxPjmHbzzDdKuyee6B8lMCOv9raA3jk3feBMJ8/YYd ctTHRuic6BiSvusZ9GPaLBI7KJMH3ZivZZQ0KMW0Vw76Y8vj4z2oo7mDTgauemGB 2JOT5wCGkwDGTA5vcpiY4Q7oc1OTn7q/CUQrTxLaer+v9+kz/ccdkz1almJxDIRO F+D/mVA9tCN03PEdYQhH6mFnxnvSxRHk7K/MXH6KfihKakUsEhBL/1Mrlm78du/v bldJ8gikgZIlNFfzm6PFMv4o5SCkGz7JmZMigsby9e4jXaJxYIxS7uAE2EInhbt9 nz+BT1r4lqodiArhNAIFV4fddbXfsNO1R/Y5reoiLFrCOJC3upqQAn9AB1YQiu+9 rxoDFJgFm4O3K16zyE2AoL/OmAC6lbSTbthd8VZ9NOGC8bDCJ/WNXU/443tt5E2w QXOdKxACQzCkhwKukG5P8djAnB/6Qghl/DVlENYuZ/ujXI0MQxfwL+JoEsw340BL trqleTdZhrEMV+Mqh9uaUS3O/dTSY3jLi/qkDE9KebSA9WZ9yCmP5pKbmdi0Zw4g Fxt60nbz8zX42XLaDUlfiJ3jfq7gLBMXBZvT7Wwa6vYXG+gFjj+yDjbqcyF211jq YsM5FMSaY+npICG6NVb7 =ogEy -----END PGP SIGNATURE----- _______________________________________________ precis mailing list [email protected] https://www.ietf.org/mailman/listinfo/precis
