Re: Unicode versioning in glib

From: "butterbrain" <bbrain adelphia net>
To: "Simon Josefsson" <jas extundo com>
Cc: <gtk-i18n-list gnome org>
Subject: Re: Unicode versioning in glib
Date: Sat, 5 Oct 2002 18:02:01 -0400

> I'm not sure what your point is, but if you mean that this is enough
> for a protocol that compares normalized strings (such as passwords)
> for equality the point is not valid.  The protocols I'm implementing
> currently requires that all protocol implementations must use NFKC
> from Unicode 3.2.

all normalisation of passwords should be done on the trusted machine on which the password is typed. the storage of the password should be a hash of the string that was input. the verification of the password never requires a specific encoding. it's acceptable to input your password with something other than a keyboard, or with keys on a keyboard that don't map to characters or unicode values of any kind! the protocol which you are implementing is broken. in any event you are probably interested in this file as well:
http://www.unicode.org/Public/UNIDATA/NormalizationCorrections.txt

Follow-Ups:
- Re: Unicode versioning in glib
  - From: Simon Josefsson
- Re: Unicode versioning in glib
  - From: Roozbeh Pournader

[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]