draft-ietf-sasl-saslprep-05.txt   draft-ietf-sasl-saslprep-06.txt 
INTERNET-DRAFT Kurt D. Zeilenga INTERNET-DRAFT Kurt D. Zeilenga
Intended Category: Standards Track OpenLDAP Foundation Intended Category: Standards Track OpenLDAP Foundation
Expires: August 2004 15 February 2004 Expires: September 2004 10 March 2004
SASLprep: Stringprep profile for user names and passwords SASLprep: Stringprep profile for user names and passwords
<draft-ietf-sasl-saslprep-05.txt> <draft-ietf-sasl-saslprep-06.txt>
Status of Memo Status of Memo
This document is an Internet-Draft and is in full conformance with all This document is an Internet-Draft and is in full conformance with all
provisions of Section 10 of RFC 2026. provisions of Section 10 of RFC 2026.
This document is intended to be, after appropriate review and This document is intended to be, after appropriate review and
revision, submitted to the RFC Editor as a Standards Track document. revision, submitted to the RFC Editor as a Standards Track document.
Distribution of this memo is unlimited. Technical discussion of this Distribution of this memo is unlimited. Technical discussion of this
document will take place on the IETF SASL mailing list document will take place on the IETF SASL mailing list
skipping to change at page 2, line 16 skipping to change at page 2, line 16
1. Introduction 1. Introduction
The use of simple user names and passwords in authentication and The use of simple user names and passwords in authentication and
authorization is pervasive on the Internet. To increase the authorization is pervasive on the Internet. To increase the
likelihood that user name and password input and comparison work in likelihood that user name and password input and comparison work in
ways that make sense for typical users throughout the world, this ways that make sense for typical users throughout the world, this
document defines rules for preparing internationalized user names and document defines rules for preparing internationalized user names and
passwords for comparison. For simplicity and implementation ease, a passwords for comparison. For simplicity and implementation ease, a
single algorithm is defined for both user names and passwords. single algorithm is defined for both user names and passwords.
The algorithm assumes all strings are comprised of characters from the
Unicode character set.
This document defines the "SASLprep" profile of the "stringprep" This document defines the "SASLprep" profile of the "stringprep"
algorithm [StringPrep]. algorithm [StringPrep].
The profile is designed for use in Simple Authentication and Security The profile is designed for use in Simple Authentication and Security
Layer ([SASL]) mechanisms such as [PLAIN]. It may be applicable Layer ([SASL]) mechanisms such as [PLAIN]. It may be applicable
elsewhere simple user names and passwords are used. This profile is elsewhere simple user names and passwords are used. This profile is
not intended to be used to prepare identity strings which are not not intended to be used to prepare identity strings which are not
simple user names (e.g., e-mail addresses, domain names, distinguished simple user names (e.g., e-mail addresses, domain names, distinguished
names), or where identity or password strings which are not character names), or where identity or password strings which are not character
data. data.
2. The SASLprep profile 2. The SASLprep profile
This section defines the "SASLprep" profile. This profile is intended This section defines the "SASLprep" profile of the "stringprep"
to be used to prepare strings representing simple user names and algorithm [StringPrep]. This profile is intended to be used to
passwords. prepare strings representing simple user names and passwords.
This profile uses Unicode 3.2, as defined in [StringPrep, A.1]. This profile uses Unicode 3.2 [Unicode].
Character names in this document use the notation for code points and Character names in this document use the notation for code points and
names from the Unicode Standard [Unicode]. For example, the letter names from the Unicode Standard [Unicode]. For example, the letter
"a" may be represented as either <U+0061> or <LATIN SMALL LETTER A>. "a" may be represented as either <U+0061> or <LATIN SMALL LETTER A>.
In the lists of mappings and the prohibited characters, the "U+" is In the lists of mappings and the prohibited characters, the "U+" is
left off to make the lists easier to read. The comments for character left off to make the lists easier to read. The comments for character
ranges are shown in square brackets (such as "[CONTROL CHARACTERS]") ranges are shown in square brackets (such as "[CONTROL CHARACTERS]")
and do not come from the standard. and do not come from the standard.
Note: a glossary of terms used in Unicode can be found in [Glossary]. Note: a glossary of terms used in Unicode can be found in [Glossary].
 End of changes. 

This html diff was produced by rfcdiff 1.23, available from http://www.levkowetz.com/ietf/tools/rfcdiff/