Support of non-ASCII username/password in KDC of Win2000 serv er

Jeffrey Altman jaltman at
Mon Aug 11 13:32:39 EDT 2003

Microsoft is either using UNICODE or UTF-8.
However, only characters which can be represented in 7-bit ASCII are 
safe for use in the Kerberos protocol if you want interoperability with 
non-Microsoft Kerberos services.

Jeffrey Altman

Tay, William wrote:

> Thanks to all who replied.
> So what kind of encoding is Microsoft expecting for the KDC? In other words,
> what character encoding is the username/password encoded and stored in
> Microsoft KDC?
> Thanks.
> Will
> -----Original Message-----
> From: Sam Hartman [mailto:hartmans at]
> Sent: Sunday, August 10, 2003 9:15 AM
> To: Tay, William
> Cc: 'krbdev at'
> Subject: Re: Support of non-ASCII username/password in KDC of Win2000 server
> non-ASCII usernames are not supported by Kerberos.  IF it happens to
> work, that's great for you.
> You can read the IETF drafts and discussion within the working group
> of the IETF for the details of the issues involved.
> A future version of the Kerberos protocol will specify
> interoperability rules for internationalization.  The transition will
> be messy.
> _______________________________________________
> krbdev mailing list             krbdev at
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/x-pkcs7-signature
Size: 3427 bytes
Desc: S/MIME Cryptographic Signature
Url :

More information about the krbdev mailing list