19.11.2008 01:34, Geert Hendrickx wrote:
On Tue, Nov 18, 2008 at 10:00:00PM +0200, Fredrik Grönqvist wrote:
Yes, I see. So in light of this and the conversation on the imap-protocol -list
http://mailman2.u.washington.edu/pipermail/imap-protocol/2008-February/00082...
our current options seem to boil down to having the passwords ISO-8859-1 encoded (given the demographics of our users). Those using operating systems with native UTF-8 clients have to use passwords containing only 7-bit characters.
Actually I would do it the other way around. You can't really explain to your UTF-8 using users "you should use that older client instead of this newer one to make your login work". And some day you'll have to switch to UTF-8 anyway.
Yes, I agree that it should be in UTF-8. My specific problem is that about 80% (a rough estimate) of our users are on either Windows or webmail. Those having passwords containing umlauts etc can log on, using their current client, if the passwords are kept ISO-8859-1 encoded instead of UTF-8.
I didn't realise the specifications were so flexible on this password issue.
s/flexible/vague/ :-)
The consensus on the imap-protocol list, and particularly the message you refer to, seems to be "we should replace ASCII with UTF-8 in the spec".
It does seem that way, and while I think it will be increasingly important in the future, I also got the feeling that this change will take a long time to filter down to the implementations (as both servers and clients need to change).
As Timo pointed out, the options to "fix" this on the server side are currently quite limited, so it seems I have to stick to the lowest common denominator in our password policy.
Chears, Fredrik