[UA-discuss] Fw: [saag] encrypted files with UTF-8/16 passwords

nalini.elkins at insidethestack.com
Fri Mar 24 13:42:07 UTC 2017


This may be of interest to UASG.

Thanks,

Nalini Elkins
CEO and Founder
Inside Products, Inc.
www.insidethestack.com
(831) 659-8360


--- On Fri, 3/24/17, Nikos Mavrogiannopoulos <n.mavrogiannopoulos at gmail.com> wrote:

> From: Nikos Mavrogiannopoulos <n.mavrogiannopoulos at gmail.com>
> Subject: [saag] encrypted files with UTF-8/16 passwords
> To: "IETF SAAG" <saag at ietf.org>
> Cc: mnystrom at microsoft.com, Kathleen.Moriarty at emc.com, bkaliski at verisign.com
> Date: Friday, March 24, 2017, 1:07 AM
> Hi,
> PKCS#8 (rfc8018) and PKCS#12 (rfc7292) can be used to encrypt keys and certificates with a password. In the first case, PKCS#8 utilizes PKCS#5 for converting a password to an encryption key, and PKCS#5 requires a password to be in UTF-8. For PKCS#12, a password is input in UTF-16 format (mentioned as BMPString in the document) in some preset schemes, but uses UTF-8 for newer schemes like AES via PKCS#5.
> 
> However, UTF-8 (and UTF-16) are ambiguous. The same string may have multiple representations, and for that, there are some guidelines in RFC7613 to prepare a Unicode string for a password, but they do not update either of these documents.
> 
> Given that these are informational RFCs, which would be the proper method to propose an update on them based on these lines and requiring RFC7613 processing for passwords entered in UTF-8?
> 
> regards,
> Nikos
> 
> _______________________________________________
> saag mailing list
> saag at ietf.org
> https://www.ietf.org/mailman/listinfo/saag
> 
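
The ambiguity raised in the forwarded message, shown as an added example that is not part of the original e-mail or of any of the cited RFCs: three spellings of a password that look the same on screen derive different PBKDF2 (PKCS#5 v2) keys from their raw UTF-8 bytes, and the same key once prepared. The salt, iteration count, sample passwords and function names are constructed, and `prepare_password` is a simplified approximation of the RFC 7613 OpaqueString rules (space mapping, NFC, no case mapping), not a full PRECIS implementation.

```python
import hashlib
import unicodedata

SALT = bytes.fromhex("00112233445566778899aabbccddeeff")  # constructed sample salt
ITERATIONS = 10_000                                        # constructed sample count

# Constructed sample passwords that render identically ("café key").
COMPOSED = "caf\u00e9 key"        # e-acute as one code point, U+00E9
DECOMPOSED = "cafe\u0301 key"     # 'e' followed by combining acute, U+0301
WITH_NBSP = "caf\u00e9\u00a0key"  # no-break space instead of U+0020


def prepare_password(password: str) -> str:
    """Simplified take on RFC 7613 OpaqueString preparation (assumption:
    the full PRECIS FreeformClass code point checks are not implemented)."""
    if not password:
        raise ValueError("empty password")
    # Map every space separator (category Zs) to ASCII space.
    mapped = "".join(" " if unicodedata.category(c) == "Zs" else c
                     for c in password)
    if any(unicodedata.category(c) == "Cc" for c in mapped):
        raise ValueError("control character in password")
    # No case mapping is applied; normalize to NFC.
    return unicodedata.normalize("NFC", mapped)


def derive_key(password: str, prepare: bool) -> bytes:
    """PBKDF2-HMAC-SHA256 over the UTF-8 bytes of the password."""
    if prepare:
        password = prepare_password(password)
    return hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"),
                               SALT, ITERATIONS, dklen=32)


def keys_agree(prepare: bool) -> bool:
    """True if all three spellings of the password derive the same key."""
    keys = {derive_key(p, prepare) for p in (COMPOSED, DECOMPOSED, WITH_NBSP)}
    return len(keys) == 1


if __name__ == "__main__":
    for p in (COMPOSED, DECOMPOSED, WITH_NBSP):
        print(p.encode("utf-8").hex(), derive_key(p, False).hex()[:16])
    print("raw UTF-8 keys agree:     ", keys_agree(False))
    print("prepared UTF-8 keys agree:", keys_agree(True))
```

A file encrypted on a system whose input method emits the decomposed form cannot be decrypted on one that emits the composed form unless both sides apply the same preparation before key derivation.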

