Re: [Emu] EAP, RADIUS, UTF-8, RFC 4282 and SASLPREP: the interop nightmare

[Alan DeKok <aland@deployingradius.com>]

Stefan Winter wrote:
> KNetworkManager (openSUSE Linux 11.0, 32-Bit)
> -----------------------------------------------------------------------
> 
> encoding of @müller.de to @m[0xC3][0xBC]ller.de (UTF-8, no punycode)
> encoding of cryillic characters to 2-byte encodings starting with d0 and
> d1 -> looks like cyrillic area of UTF-8, no punycode in realm
> 
> That looks like a good UTF-8 test case. KNetworkManager uses
> wpa_supplicant as a backend.

  It appears that KNetworkManager is responsible for encoding the name
as UTF-8.  Many Linux distributions have bypassed the various non-UTF-8
encodings, and just use UTF-8 everywhere.  This makes "conversion" easy.

> P.S.: add $OPEN_SOURCE_SALES_PITCH_FOR_WPA_SUPPLICANT here ;-)

  Nice, but it's not related to open source.  wpa_supplicant is just
inheriting the encoding used by the host OS, which is UTF-8:

http://lists.shmoo.com/pipermail/hostap/2008-August/018219.html

  ... wpa_supplicant does not really care about the encoding of the
  identity field, i.e., it is just sent out as arbitrary binary data.

  ...In addition, you can set the identity value as a hex string
  (identity=68656c6c6f); of course this is assuming that you know what
  binary data the authentication server expects to see.

  Checking the source, there are no references to UTF-8 in anything
other than comments.

  Alan DeKok.

--
to unsubscribe send a message to radiusext-request@ops.ietf.org with
the word 'unsubscribe' in a single line as the message text body.
archive: <http://psg.com/lists/radiusext/>