Hi all, now that the new RFC 8264 / 8265 are out, I wanted to update my implementation, which was based on the older RFCs.
Unfortunately the order of rules still confuses me. During enforcement and comparison of a string, do I first validate a string, then apply the rules (as written in https://tools.ietf.org/html/rfc8265#section-3.3.4), or do I first apply the rules and then validate it? (as in https://tools.ietf.org/html/rfc8264#section-7) With "validate" I mean checking the "Behavioral rules for determining whether a code point is valid, allowed under a contextual rule, disallowed, or unassigned“. The Appendix says: "Corrected the order of operations for the UsernameCaseMapped profile to ensure consistency with [RFC8264].“ but I just can’t see that: "MUST prepare then MUST enforce" Concrete example (I asked it here already): If a user wishes to create a username with U+212B (Angstrom sign), should an application reject it (because it’s disallowed) or allow it, because enforcement converts the character to a valid code point first? Thanks! Kind regards, — Christian _______________________________________________ precis mailing list [email protected] https://www.ietf.org/mailman/listinfo/precis
