Re: UTF8

[Sam Hartman <hartmans-ietf%mit.edu@localhost>]

>>>>> "der" == der Mouse <mouse%Rodents.Montreal.QC.CA@localhost> writes:

    >>> What does "properly internationalized" mean - or perhaps more
    >>> precisely, what is there about being "properly
    >>> internationalized" that demands that usernames, passwords, and
    >>> filenames consist of character sequences rather than octet
    >>> sequences?
    >> I'd appreciate replies off-list as I believe we are outside of
    >> the scope of this working group.

    der> In general, perhaps, but insofar as it bears on implementing
    der> ssh, I am inclined to disagree - which is why I'm replying
    der> on-list anyway.

*sigh*  Teach me to try and explain something.


    der> What is the IETF position, then, on how someone such as me
    der> should handle the situation I'm faced with: writing software
    der> specified from this point of view (ssh, in my case) for
    der> systems on which these entities are _not_ character strings
    der> (a fairly traditional Unix variant, NetBSD in my case)?  I'm
    der> faced with an encoding-agnostic filesystem interface and
    der> implementation, wherein filename components are sequences of
    der> octets not including 0x00 and 0x2f, independent of any
    der> characters; I'm faced with password hashing routines that
    der> work with octet strings, not character strings; etc.

I think this is all mostly an open issue.  IN practice what unix
server implementers seem to do is to treat the username and password
as octet-strings.  Neils has proposed ways of doing significantly
better than that.

I do think there is significant room here for implementers to decide
what works best, write it up and publish it.  Based on timing it would
probably work better as an informational RFC than as input to the core
drafts.

--Sam