[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: internationalization of textual passwords

To: ietf-ldapbis@OpenLDAP.org
Subject: Re: internationalization of textual passwords
From: "Kurt D. Zeilenga" <Kurt@OpenLDAP.org>
Date: Thu, 27 Feb 2003 11:04:05 -0800
In-reply-to: <5.2.0.9.0.20030227093121.01a093b8@127.0.0.1>

BTW, SASLprep is detailed in:
  http://www.ietf.org/internet-drafts/draft-ietf-sasl-saslprep-00.txt

Kurt

At 09:42 AM 2/27/2003, Kurt D. Zeilenga wrote:
>While the simple bind password and userPassword are OCTET STRINGs
>and to be compared using octetStringMatch (and I continue to think
>this should not be changed, see past discussions), I (as an
>individual) think it would be appropriate to RECOMMEND that clients
>which provide textual passwords "prepare", using SASLprep, the
>string before transmission to the server to ensure that like
>passwords will match.  Use of SASLprep here, aside from ensuring
>consistency between all LDAP clients desiring to use textual
>passwords, would allow the textual strings to be used in various
>SASL mechanisms which use SASLprep.
>
>Comments?
>
>Kurt

References:
- internationalization of textual passwords
  - From: "Kurt D. Zeilenga" <Kurt@OpenLDAP.org>

Prev by Date: internationalization of textual passwords
Next by Date: Re: internationalization of textual passwords
Index(es):
- Chronological
- Thread