Re: userPassword comment

["Kurt D. Zeilenga" <Kurt@OpenLDAP.org>]

At 11:01 AM 5/19/2003, Hallvard B Furuseth wrote:
>Kurt D. Zeilenga writes:
>> that applications SHOULD prepare textual strings used as passwords
>> before storing them in the directory to improve the likelihood
>> that passwords work as expected.   To prepare a textual string,
>> the application MUST transcode to Unicode, apply SASLprep, and
>> transfer using UTF-8.
>
>SHOULD prepare, but MUST transcode and so on?  Do you mean that
>IF it prepares, it MUST do it by transcoding and so on?

I meant:
  It is RECOMMENDED that applications prepare textual strings
  used as password to improve matching.  Applications which
  prepare textural strings used as password are REQUIRED to
  prepare them as follows:
     a) transcode to Unicode,
     b) apply SASLprep, and
     c) encode as UTF-8.


>Is 'transcode to Unicode, apply SASLprep, and transfer using UTF-8' the
>definition of 'to prepare' the string, or can 'prepare' mean something
>else?  If the former, how about:
>
>  ...the application SHOULD prepare textual strings used as passwords
>  by transcoding them to Unicode, applying SASLprep, and encoding as
>  UTF-8.

I am fine with this as well.

>Though I don't think the schema draft should talk about 'transfer'.
>That's a protocol thing.  How about 'encode' as UTF-8?

encode is fine.

>Finally, where is SASLprep defined?

draft-ietf-sasl-saslprep-xx.txt

Kurt