Re: [Emu] Revised sections for Issue #18 (Internationalization)

To: Alan DeKok <aland at deployingradius.com>
Subject: Re: [Emu] Revised sections for Issue #18 (Internationalization)
From: Simon Josefsson <simon at josefsson.org>
Date: Fri, 25 Sep 2009 12:55:32 +0200
Cc: emu at ietf.org
Delivered-to: emu at core3.amsl.com
In-reply-to: <4ABC9467.2000704 at deployingradius.com> (Alan DeKok's message of "Fri, 25 Sep 2009 11:59:03 +0200")
List-archive: <http://www.ietf.org/mail-archive/web/emu>
List-help: <mailto:emu-request@ietf.org?subject=help>
List-id: "EAP Methods Update \(EMU\)" <emu.ietf.org>
List-post: <mailto:emu@ietf.org>
List-subscribe: <https://www.ietf.org/mailman/listinfo/emu>, <mailto:emu-request@ietf.org?subject=subscribe>
List-unsubscribe: <https://www.ietf.org/mailman/listinfo/emu>, <mailto:emu-request@ietf.org?subject=unsubscribe>
Openpgp: id=B565716F; url=http://josefsson.org/key.txt
References: <AC1CFD94F59A264488DC2BEC3E890DE508C62E3A at xmb-sjc-225.amer.cisco.com> <877hvqavwp.fsf at mocca.josefsson.org> <4ABA2282.4080207 at deployingradius.com> <87r5txu4mt.fsf at mocca.josefsson.org> <4ABB7A8A.1070002 at deployingradius.com> <877hvoqvjn.fsf at mocca.josefsson.org> <4ABB8EA5.20405 at deployingradius.com> <87ocp0pdfe.fsf at mocca.josefsson.org> <4ABC9467.2000704 at deployingradius.com>
User-agent: Gnus/5.110011 (No Gnus v0.11) Emacs/23.1 (gnu/linux)

Alan DeKok <aland at deployingradius.com> writes:

> Simon Josefsson wrote:
>> Right.  My point is that the one needs to weight this approach to a
>> system which does not use normalization but instead use
>> internationalized comparison rules.
>
>   How do you do internationalized comparisons on hashed passwords?
>
>   All you have is the hash.  And if the passwords input to the hash
> aren't the same (i.e. non-normalized), then you're *guaranteed* that the
> hashes won't match.

Right.  Hashed passwords is one example of when internationalized
comparisons wouldn't work.  I'm sorry if this wasn't clear in my earlier
note.

However there is a risk that normalization _introduce_ differences: if
two systems use different normalization algorithms that leads to
different outputs for the same input, the hashes won't match either.

/Simon

Follow-Ups:
- Re: [Emu] Revised sections for Issue #18 (Internationalization)
  - From: Joseph Salowey (jsalowey)

References:
- [Emu] Revised sections for Issue #18 (Internationalization)
  - From: Joseph Salowey (jsalowey)
- Re: [Emu] Revised sections for Issue #18 (Internationalization)
  - From: Simon Josefsson
- Re: [Emu] Revised sections for Issue #18 (Internationalization)
  - From: Alan DeKok
- Re: [Emu] Revised sections for Issue #18 (Internationalization)
  - From: Simon Josefsson
- Re: [Emu] Revised sections for Issue #18 (Internationalization)
  - From: Alan DeKok
- Re: [Emu] Revised sections for Issue #18 (Internationalization)
  - From: Simon Josefsson
- Re: [Emu] Revised sections for Issue #18 (Internationalization)
  - From: Alan DeKok
- Re: [Emu] Revised sections for Issue #18 (Internationalization)
  - From: Simon Josefsson
- Re: [Emu] Revised sections for Issue #18 (Internationalization)
  - From: Alan DeKok

Prev by Date: Re: [Emu] Revised sections for Issue #18 (Internationalization)
Next by Date: Re: [Emu] Revised sections for Issue #18 (Internationalization)
Previous by thread: Re: [Emu] Revised sections for Issue #18 (Internationalization)
Next by thread: Re: [Emu] Revised sections for Issue #18 (Internationalization)
Index(es):
- Date
- Thread

Re: [Emu] Revised sections for Issue #18 (Internationalization)

Note: Messages sent to this list are the opinions of the senders and do not imply endorsement by the IETF.