Sam Hartman wrote:
> This isn't a bad idea. Think though about how it interacts with
> password databases used for multiple purposes. You sometimes get into
> situations where you need to do normalization both at the client and
> server. That too can be OK. You just need to think it all through
Sam Hartman wrote:
> Alan> The whole composed / decomposed thing is a nightmare for
> Alan> passwords.
>
> And one the emu working group needs to deal with.
RFC 3629 says that overlong sequences are invalid:
Implementations of the decoding algorithm above MUST protect against
d
> "Alan" == Alan DeKok <[EMAIL PROTECTED]> writes:
Alan> Sam Hartman wrote: The whole composed / decomposed thing is
Alan> a nightmare for passwords.
>> And one the emu working group needs to deal with.
Alan> RFC 3629 says that overlong sequences are invalid:
Alan>
