DR-09-0070: PML, Presentation: modifyVerifer password length

Shawn Villaron shawnv at exchange.microsoft.com
Tue Feb 17 05:24:35 CET 2009


DR-09-0070: PML, Presentation: modifyVerifer password length

Hi everyone,

This issue deals with some ambiguity associated with the length of the supplied password in PresentationML.  The current text states the following:

The password supplied to the algorithm is to be a UTF-16LE encoded string; strings longer than 255 characters are truncated to 255 characters. If there is a leading BOM character (U+FEFF) in the encoded password it is removed before hash calculation.

The question relates to the meaning of "longer than 255 characters."  I believe that the intent of this limitation is to support up to 510 bytes.

I'm curious as to how everyone thinks we should rephrase things.  Do we think that this updated text would suffice addressing this issue:

The password supplied to the algorithm is to be a UTF-16LE encoded string; strings longer than 510 bytes are truncated to 510 bytes. If there is a leading BOM character (U+FEFF) in the encoded password it is removed before hash calculation.

Do we think we need more information here?

Thanks,

shawn

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.vse.cz/pipermail/sc34wg4/attachments/20090217/b4b1d239/attachment.htm>


More information about the sc34wg4 mailing list