Now there's some traffic in the PRECIS list, I'd like to ask this question
again, phrased differently.

Afaict, the etiology of this implementer's non-minimal astonishment is:

o Password is based on OpaqueString Profile

o OpaqueString Profile is based on FreeformClass

o FreeformClass uses Exceptions (F) from RFC 5892 sec. 2.6

o Exceptions (F) disallows MIDDLE DOT except under CONTEXTO

o CONTEXTO rule MIDDLE DOT in RFC 5892 A.3 says "Between 'l' (U+006C)
characters only, used to permit the Catalan character ela geminada to be
expressed."

o Therefore, for example

    ihαtePa§sωrdrul·lz    is valid

    ihαtePa§sωrdrul·ze    is invalid

Authoring a validation error message that helps the user understand and
fix it was a challenge. "Password may not contain the · character except
as part of a Catalan character ela geminada," is a cute easter egg[1]
but not much use.

I imagine IDNA would not want MIDDLE DOTs in domain names and some
identifiers because of spoofing but that concern is specific to that
domain and surely not to passwords. I don't know Catalan but I use MIDDLE
DOTs for a variety of purposes, not quite daily but often enough to know
it's been OPT-SHIFT-9 since very early MacOS. It's a useful character so I
suspect people will encounter this rule.

RFCs 7564 and 7613 are done and dusted so my question is: did I decode the
specs correctly?


Tom

[1] Reminds me of PHP's infamous "Parse error: syntax error, unexpected
T_PAAMAYIM_NEKUDOTAYIM"


On 9/14/15, 9:23 AM, "Tom Worster" <[email protected]> wrote:

>Hi,
>
>Do I understand right that an RFC 7613 password must not contain a MIDDLE
>DOT (U+00B7) unless both the previous and next characters are LATIN SMALL
>LETTER L (U+006C)?
>
>Are test vectors available for either of the RFC 7564  string classes or
>of the RFC 7613 ID and password profiles?
>
>If this is not the right place for these questions, please steer me in
>the right direction.
>
>Thanks for your consideration.
>
>Tom Worster


_______________________________________________
precis mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/precis

Reply via email to