+1. On 11/06/2018 14:49, Patrick Mevzek wrote: > On Mon, Jun 11, 2018, at 15:17, Hollenbeck, Scott wrote: >> [SAH] Jim, keep in mind that the security guidelines you mentioned are >> just that – *guidelines* published by a particular entity that may or >> may not be appropriate for use in different operating environments. I’d >> be inclined to loosen the Schema to conform to other possibilities and >> include an informational reference with text along the lines of “Servers >> SHOULD enforce minimum and maximum password length requirements that are >> appropriate for their operating environment. One example of a guideline >> for password length policies can be found in <blah blah> [reference >> here]”. A minimum length of 1 would ensure that the field can’t be >> blank, and the server can check if whatever is provided lines up with >> expectations for clients. > > That sound perfect to me. Thanks Scott for the text. >
-- Gavin Brown Chief Technology Officer CentralNic Group plc (LSE:CNIC) Innovative, Reliable and Flexible Registry Services for ccTLD, gTLD and private domain name registries https://www.centralnic.com/ +44.7548243029 CentralNic Group plc is a company registered in England and Wales with company number 8576358. Registered Offices: 35-39 Moorgate, London, EC2R 6AR.
signature.asc
Description: OpenPGP digital signature
_______________________________________________ regext mailing list [email protected] https://www.ietf.org/mailman/listinfo/regext
