W3C home > Mailing lists > Public > public-webauthn@w3.org > July 2018

Re: [webauthn] truncation to 64-byte upper limit doesn't mention character boundaries

From: Addison Phillips via GitHub <sysbot+gh@w3.org>
Date: Wed, 18 Jul 2018 19:05:33 +0000
To: public-webauthn@w3.org
Message-ID: <issue_comment.created-406040767-1531940732-sysbot+gh@w3.org>
If you go with normative language, I would prefer this:

> Authenticators MUST perform any UTF-8 encoded string truncation on a code point boundary, and are encouraged perform such a truncation on a extended grapheme cluster (EGC) boundary [[!UAX29]]. 

... in place of SHOULD/MAY as in the proposal. I used non-normative language about EGC because SHOULD is too strong a recommendation. MAY might be appropriate instead.

Note that a mid-code-point truncated string makes file formats such as JSON invalid (unless a transfer encoding such as base64 is applied to the name--which I think is beside the point??)

GitHub Notification of comment by aphillips
Please view or discuss this issue at https://github.com/w3c/webauthn/issues/973#issuecomment-406040767 using your GitHub account
Received on Wednesday, 18 July 2018 19:05:40 UTC

This archive was generated by hypermail 2.4.0 : Friday, 17 January 2020 18:58:52 UTC