[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
Re: [ldapext] Fwd: I-D Action:draft-zeilenga-ldap-passwords-00.txt
On Mar 31, 2008, at 5:03 PM, simo wrote:
>
> On Mon, 2008-03-31 at 16:13 -0700, Kurt Zeilenga wrote:
>>
>> A password doesn't necessarily consist of character data, so specify
>> their length in characters doesn't make any sense.
>
> In 4.1 you proposed a constraint that password conforms to UTF-8.
> In this case data definitely consist of characters.
Here you use character to mean "code point". Above I assumed you
where using character to mean "abstract character".
While a minimum number of code point constraint might be useful, I
think a minimum number of abstract characters constraints would be
more useful. The latter like should be dependent on the SASLprep
constraint, or other constraint which limited passwords to abstract
character sequences.
> An administrator, I think, would definitely be confused/disappointed
> to
> discover that the minimum number of characters accepted varies
> depending
> on the language used.
Or varied depending on the number of code points used to represent the
abstract character.
> (Most latin languages uses mostly 1 byte characters, while many other
> languages will use regularly 2 byte (or more) wide characters).
>
> Should we have a default 'Minimum Length of Characters' constraint to
> pair to the UTF-8 constraint of 4.1 ?
See above.
>
>
>>> 4)
>>>
>>> The number of constraints seem quite limited, are you open to
>>> suggestion
>>> for more constraint types that are currently commonly used in
>>> various
>>> server implementations ?
>>
>> Yes.
>
> Thanks,
> there are some encoding (utf-8) dependent constraints that are widely
> used like:
I was thinking of just having a Unicode Regular Expression constraint.
-- Kurt
_______________________________________________
Ldapext mailing list
Ldapext@ietf.org
https://www.ietf.org/mailman/listinfo/ldapext