[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: userPassword comment

To: "Kurt D. Zeilenga" <Kurt@OpenLDAP.org>
Subject: Re: userPassword comment
From: Hallvard B Furuseth <h.b.furuseth@usit.uio.no>
Date: Mon, 19 May 2003 20:01:02 +0200
Cc: ietf-ldapbis@OpenLDAP.org
In-reply-to: <5.2.0.9.0.20030519102238.02770d00@127.0.0.1>
References: <5.2.0.9.0.20030519102238.02770d00@127.0.0.1>

Kurt D. Zeilenga writes:
> that applications SHOULD prepare textual strings used as passwords
> before storing them in the directory to improve the likelihood
> that passwords work as expected.   To prepare a textual string,
> the application MUST transcode to Unicode, apply SASLprep, and
> transfer using UTF-8.

SHOULD prepare, but MUST transcode and so on?  Do you mean that
IF it prepares, it MUST do it by transcoding and so on?

Is 'transcode to Unicode, apply SASLprep, and transfer using UTF-8' the
definition of 'to prepare' the string, or can 'prepare' mean something
else?  If the former, how about:

  ...the application SHOULD prepare textual strings used as passwords
  by transcoding them to Unicode, applying SASLprep, and encoding as
  UTF-8.

Though I don't think the schema draft should talk about 'transfer'.
That's a protocol thing.  How about 'encode' as UTF-8?

Finally, where is SASLprep defined?

-- 
Hallvard

Follow-Ups:
- Re: userPassword comment
  - From: "Kurt D. Zeilenga" <Kurt@OpenLDAP.org>

References:
- userPassword comment
  - From: "Kurt D. Zeilenga" <Kurt@OpenLDAP.org>

Prev by Date: userPassword comment
Next by Date: Re: userPassword comment
Index(es):
- Chronological
- Thread