Now there's some traffic in the PRECIS list, I'd like to ask this question
again, phrased differently.
Afaict, the etiology of this implementer's non-minimal astonishment is:
o Password is based on OpaqueString Profile
o OpaqueString Profile is based on FreeformClass
o FreeformClass uses Exceptions (F) from RFC 5892 sec. 2.6
o Exceptions (F) disallows MIDDLE DOT except under CONTEXTO
o CONTEXTO rule MIDDLE DOT in RFC 5892 A.3 says "Between 'l' (U+006C)
characters only, used to permit the Catalan character ela geminada to be
expressed."
o Therefore, for example
ihαtePa§sωrdrul·lz is valid
ihαtePa§sωrdrul·ze is invalid
Authoring a validation error message that helps the user understand and
fix it was a challenge. "Password may not contain the · character except
as part of a Catalan character ela geminada," is a cute easter egg[1]
but not much use.
I imagine IDNA would not want MIDDLE DOTs in domain names and some
identifiers because of spoofing but that concern is specific to that
domain and surely not to passwords. I don't know Catalan but I use MIDDLE
DOTs for a variety of purposes, not quite daily but often enough to know
it's been OPT-SHIFT-9 since very early MacOS. It's a useful character so I
suspect people will encounter this rule.
RFCs 7564 and 7613 are done and dusted so my question is: did I decode the
specs correctly?
Tom
[1] Reminds me of PHP's infamous "Parse error: syntax error, unexpected
T_PAAMAYIM_NEKUDOTAYIM"
On 9/14/15, 9:23 AM, "Tom Worster" <[email protected]> wrote:
>Hi,
>
>Do I understand right that an RFC 7613 password must not contain a MIDDLE
>DOT (U+00B7) unless both the previous and next characters are LATIN SMALL
>LETTER L (U+006C)?
>
>Are test vectors available for either of the RFC 7564 string classes or
>of the RFC 7613 ID and password profiles?
>
>If this is not the right place for these questions, please steer me in
>the right direction.
>
>Thanks for your consideration.
>
>Tom Worster
_______________________________________________
precis mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/precis
