RFC 4282, "The Network Access Identifier", December 2005
Note: This RFC has been obsoleted by RFC 7542Source of RFC: radext (ops)
Errata ID: 1848
Publication Format(s) : TEXT
Reported By: Alan DeKok
Date Reported: 2009-09-08
Rejected by: Dan Romascanu
Date Rejected: 2010-05-10
Section 2.4 says:
o Normalization requirements, as specified in Section 2.2 of [RFC4013], are also designed to assist in comparisons.
It should say:
o Normalization is, in general, a bad idea.
Much of RFC 4282 is simply wrong.
Normalization can be done only when both the local and character set information is included with the text. And that information is not included with the username or realm.
In addition, not all systems will treat "User" the same as "user". The decision about how to
compare user names is site specific. User name comparisons SHOULD NOT be performed on
any system other than the final one that performs user authentication.
The suggested change is rather abrupt and should be discussed with the WG as part of a possible revision of the document.