Re: Section 3.2 of secsh-auth-kbdinteract-01

[Frank Cusack <fcusack%fcusack.com@localhost>]

On Fri, Jan 18, 2002 at 08:01:35AM -0500, RJ Atkinson wrote:
> 
> On Thursday, January 17, 2002, at 08:18  PM, Frank Cusack wrote:
> 
> > On Tue, Dec 19, 2000 at 11:19:32AM +0100, Martin Forssen wrote:
> >> On 18 Dec, Darren Moffat wrote:
> >>>> Section 3.2:
> >>>
> >>>>   The server SHOULD limit the length of the name and prompt fields to
> >>>>   30 characters.  No restrictions are placed on the instruction
> >>>> field.
> >>>>
> >
> > 30 does seem an odd number[1].  I don't recall the exact device (probably
> > Palm) but I do believe it was in fact based on some minimal screen width
> > limitation.  The reason the name and prompt fields were limited is b/c
> > they are expected to be printed on a single line.
> 
> IMHO, either the advice "SHOULD be limited to 30 characters" ought to be
> deleted xor that should be edited to a much more reasonable value than 30.
> Given that most systems, even a Palm, can wrap lines, it isn't clear to me
> that any limit is needed.  And "user@domain" strings can be VERY long.

The 'name' field is intended to be the window title on GUI clients.
The window title has a limited number of characters that can usefully
be displayed.  If the name is important (eg, tells the user what device
to use out of several he has) and is 256 characters but the client
is forced to truncate (or the window toolkit just truncates) that
important info is lost.

A similar argument exists for the prompt fields.

So I do not agree with you that no limit is needed, however at the same
time it is clear that strings can be very long.

/fc