Unicode and APIs

Sam Hartman hartmans at MIT.EDU
Thu Sep 20 06:58:17 EDT 2007

I'd like to ask you to take a major step back here.  We seem to be
disagreeing about some fundamental assumptions.

I'm assuming that if krb5 knows the right characters then it will do
the right thing regardless of what character set they are in.

For example I don't see why you need to prompt for the password twice.
You simply need to know what character set it is in.

You try that string in the js8 locale of the realm in question as well
as in UTF8.  This clearly works for no-preauth.  I forget how we
decided it needed to work for the preauth required case and encrypted
timestamp, but we have worked through that in the past.

I.E. I don't understand how the API-level stuff affects old vs new in
terms of protocol.  I think it mostly affects whether you need to
convert to UTF8 when talking to a new implementation in the ASN.1
routines and how you deal with characters that cannot be represented.


More information about the krbdev mailing list