[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: IDN and Kerberos



As Marc said, some of the work we are doing would be useful for to start
on.
draft-ietf-idn-idna, draft-ietf-idn-nameprep, draft-ietf-idn-amc-z

But I also have a few questions on my own in additional to Erik.

Is these names used by human or used by computer?

Other then doing absolutely matching, do you need near-match, searching
and/or sorting capability?

I will read draft-ietf-krb-wg-info-ascii-gen-string on my flight and
then perhaps then provide you with more information.

In the meantime, it might be worthwhile to bring this discussion to
intloc-discuss@ops.ietf.org. This is certainly a place to discuss
that...

-James Seng


----- Original Message -----
From: "Jeffrey Altman [Kermit Project]" <jaltman@columbia.edu>
To: <jseng@pobox.org.sg>; <marc.blanchet@viagenie.qc.ca>
Cc: <narten@us.ibm.com>; <nordmark@eng.sun.com>; <harald@alvestrand.no>;
<deengert@anl.gov>
Sent: Friday, December 14, 2001 12:03 PM
Subject: IDN and Kerberos


> The Kerberos Working Group is struggling with a serious problem
related
> to Internationalization issues and a large amount of pressure to
release
> the successor to RFC 1510 as soon as possible.  It is desired that
this
> be accomplished no later than the March meeting.
>
> The majority of the problem is our own fault and is summarized in
>
http://www.ietf.org/internet-drafts/draft-ietf-krb-wg-info-ascii-gen-str
ing-00.txt
>
> In short, the Kerberos 5 protocol as currently implemented in RFC 1510
> does not provide any guidance on the use of character sets.  The use
of
> GeneralString in the ASN.1 based messages technically limit the
protocol
> to using IA5 (US-ASCII).  However, implementations have not enforced
> this restriction with some vendors treating the GeneralString as an
> arbitrary octet string and others using it as a UTF-8 encoded UCS-2
> field (Microsoft.)
>
> The long and the short of it is that we are under direction from the
> IESG to use Unicode.  For various reasons we plan to use UTF-8 as the
> encoding scheme.  However, due to the fact that the names of hosts,
> principals, and realms are objects that must be compatible with DNS it
> is extremely important that the normalization rules used by the
Kerberos
> WG in the RFC 1510 revisions match those standardized by the IDN WG.
>
> The question I have is what is the state of IDN.  Clearly, a lot of
time
> and effort is being placed into determining a DNS compatible encoding
> scheme that is internationally fair.  It appears to me that this work
is
> independent of deciding on a set of glyph normalization rules.  Has
the
> normalization work been completed?  If so, could that work be moved to
> Last Call prior to completion of the encoding work?
>
> Thanks for taking the time to respond to this request for information.
>
> - Jeffrey Altman
>
>
>
>