Browse Prior Art Database

Preparation, Enforcement, and Comparison of Internationalized Strings Representing Usernames and Passwords (RFC7613) Disclosure Number: IPCOM000242784D
Original Publication Date: 2015-Aug-01
Included in the Prior Art Database: 2015-Aug-15
Document File: 54 page(s) / 59K

Publishing Venue

Internet Society Requests For Comment (RFCs)

Related People

P. Saint-Andre: AUTHOR [+2]


Usernames and passwords are widely used for authentication and authorization on the Internet, either directly when provided in plaintext (as in the PLAIN Simple Authentication and Security Layer (SASL) mechanism [RFC4616] and the HTTP Basic scheme [HTTP-BASIC-AUTH]) or indirectly when provided as the input to a cryptographic algorithm such as a hash function (as in the Salted Challenge Response Authentication Mechanism (SCRAM) SASL mechanism [RFC5802] and the HTTP Digest scheme [HTTP-DIGEST-AUTH]).

This text was extracted from an ASCII text file.
This is the abbreviated version, containing approximately 5% of the total text.

Internet Engineering Task Force (IETF)                    P. Saint-Andre Request for Comments: 7613                                          &yet Obsoletes: 4013                                              A. Melnikov Category: Standards Track                                      Isode Ltd ISSN: 2070-1721                                              August 2015

  Preparation, Enforcement, and Comparison of Internationalized Strings                   Representing Usernames and Passwords


   This document describes updated methods for handling Unicode strings    representing usernames and passwords.  The previous approach was    known as SASLprep (RFC 4013) and was based on stringprep (RFC 3454).    The methods specified in this document provide a more sustainable    approach to the handling of internationalized usernames and    passwords.  The preparation, enforcement, and comparison of    internationalized strings (PRECIS) framework, RFC 7564, obsoletes RFC    3454, and this document obsoletes RFC 4013.

Status of This Memo

   This is an Internet Standards Track document.

   This document is a product of the Internet Engineering Task Force    (IETF).  It represents the consensus of the IETF community.  It has    received public review and has been approved for publication by the    Internet Engineering Steering Group (IESG).  Further information on    Internet Standards is available in Section 2 of RFC 5741.

   Information about the current status of this document, any errata,    and how to provide feedback on it may be obtained at

Saint-Andre & Melnikov       Standards Track                    [Page 1]
 RFC 7613             PRECIS: Usernames and Passwords         August 2015

 Copyright Notice

   Copyright (c) 2015 IETF Trust and the persons identified as the    document authors.  All rights reserved.

   This document is subject to BCP 78 and the IETF Trust's Legal    Provisions Relating to IETF Documents    ( in effect on the date of    publication of this document.  Please review these documents    carefully, as they describe your rights and restrictions with respect    to this document.  Code Components extracted from this document must    include Simplified BSD License text as described in Section 4.e of    the Trust Legal Provisions and are provided without warranty as    described in the Simplified BSD License.

Saint-Andre & Melnikov       Standards Track                    [Page 2]
 RFC 7613             PRECIS: Usernames and Passwords         August 2015

 Table of Conten...