[474] in Kerberos
valid names
daemon@TELECOM.MIT.EDU (Clifford Neuman)
Fri Jul 29 20:59:53 1988
From: bcn@JUNE.CS.WASHINGTON.EDU (Clifford Neuman)
To: Saltzer@ATHENA.MIT.EDU, kerberos@ATHENA.MIT.EDU
I beleive that in the current protocol, the only character that is not
allowed in components of names is NULL. The three components of a
name are treated separately and there is no problem if a name contains
an "@" or a ".". This is as it should be.
Note, however, that although the protocol allows anything other than
NULL this choice is (presently) restricted in the user interface. For
example, the character set that can be used in the .klogin files is
more restricted. Programs that read text files or take user input and
try separating the three fields of a name might get confused if they
accept input as a single token and the separators also appear in the
individual fields. This is a separate issue, and I do not feel that
the way to solve it is to restrict what is legal according to the
protocol.
As to the size of the fields. As far as the protocol goes, they
should be unlimited. This follows from application of the
zero-one-infinity argument. The lengths are currently restricted by
the implementations, but this is something that can be fixed, although
it would be a low priority task. A user that wants a long name should
be allowed to do so. As long as allowing long names only slows things
down when such names are actually used, there is no reason to disallow
them.
~ Cliff
