--On Tuesday, September 22, 2009 17:58 +0200 Simon Josefsson
<simon(_at_)josefsson(_dot_)org> wrote:
...
Personally (speaking as one of few SASLprep implementers) I
believe using NFC alone would be better from many perspectives
than SASLprep for passwords. But I can't point to any
substantial document to support that belief, and there are
obvious disadvantages with the NFC-approach (less stability
because of versioning differences) that would need to be
addressed. Given that SCRAM is in last call now, I'm not sure
it is feasible to develop a document that analyzes NFC from
this perspective that we can have good confidence in and gain
wide support for.
I'd be happy to help work on a document that analyzed the
consequences of replacing SASLprep with just-use-RFC5198 in
SASL. But I don't think SCRAM should wait for something like
it to materialize.
Now that the issue has been raised and is presumably better
understood, I'm happy to leave that decision to the WG.
...
Finally a general observation. I believe username and
passwords are different beasts when it comes to string
preparation. What makes sense for usernames does not always
make sense for passwords, and vice versa. Usernames are
typically transported in the clear, and thus it makes little
sense to enforce strong normalization like NFKC on them. What
may be useful is to enforce weaker rules, like NFC, when
comparing two username strings for equivalence. Passwords
should not be transported in the clear, and are often input to
hash functions, and thus it is motivated to require
normalization. I'm not convinced NFC is sufficient here. I
think conflating username string preparation with password
string preparation is one problematic part of SASLprep.
Agreed.
john
_______________________________________________
Ietf mailing list
Ietf(_at_)ietf(_dot_)org
https://www.ietf.org/mailman/listinfo/ietf
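The quoted point that passwords are hash inputs, so their Unicode form must be fixed before hashing, can be seen directly with the standard library. The following is an added illustration, not code from the thread, SCRAM or any SASLprep implementation: it hashes two keyboard encodings of the same password under no normalization, NFC and NFKC, and shows which forms make them agree. SHA-256 is a stand-in for SCRAM's real salted key derivation, the sample strings are constructed, and SASLprep itself (which adds mapping and prohibition tables on top of NFKC) is not modelled.

```python
import hashlib
import unicodedata
from typing import Dict, Optional

# Constructed sample inputs: the same password as typed on two systems that
# emit different Unicode encodings of "café" (precomposed vs combining accent),
# plus a pair that differs only by a compatibility character (the "fi" ligature).
PRECOMPOSED = "caf\u00e9"    # U+00E9 LATIN SMALL LETTER E WITH ACUTE
DECOMPOSED = "cafe\u0301"    # 'e' followed by U+0301 COMBINING ACUTE ACCENT
LIGATURE = "\ufb01nance"     # U+FB01 LATIN SMALL LIGATURE FI + "nance"
ASCII_FI = "finance"

FORMS = (None, "NFC", "NFKC")


def prepare(text: str, form: Optional[str]) -> bytes:
    """Apply the chosen normalization form (None = raw input) and UTF-8 encode.

    This is the only step that decides whether two visually identical
    passwords become the same byte string before they reach the hash.
    """
    if form is not None:
        text = unicodedata.normalize(form, text)
    return text.encode("utf-8")


def digest(password: str, form: Optional[str]) -> str:
    """Hash the prepared password. SHA-256 is a hypothetical stand-in for the
    salted PBKDF2 step SCRAM actually uses; the normalization question is the
    same whichever KDF follows."""
    return hashlib.sha256(prepare(password, form)).hexdigest()


def same_password(a: str, b: str, form: Optional[str]) -> bool:
    """True if both inputs verify against each other's stored hash under `form`."""
    return digest(a, form) == digest(b, form)


def compare_forms(a: str, b: str) -> Dict[Optional[str], bool]:
    """Report, per normalization form, whether a and b would authenticate as equal."""
    return {form: same_password(a, b, form) for form in FORMS}


def unicode_version() -> str:
    """Version of the Unicode tables behind unicodedata.normalize.

    This is the stability caveat raised in the thread: two systems with
    different table versions may normalize newer code points differently.
    """
    return unicodedata.unidata_version


if __name__ == "__main__":
    for label, pair in (("accent", (PRECOMPOSED, DECOMPOSED)),
                        ("ligature", (LIGATURE, ASCII_FI))):
        print(label, compare_forms(*pair))
    print("unicodedata tables:", unicode_version())
```

Without normalization the two "café" inputs hash to different values, so a user whose client decomposes accents cannot log in against a hash made from the precomposed form; NFC fixes that. The ligature pair only agrees under NFKC, which is the kind of compatibility folding that is useful for a secret but, as the quoted message argues, unnecessary for a username that is compared rather than hashed.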