[gnutls-devel] rfc7613 password normalization

Nikos Mavrogiannopoulos n.mavrogiannopoulos at gmail.com
Mon Nov 21 21:18:27 CET 2016


On Mon, 2016-11-21 at 20:00 +0100, Andreas Metzler wrote:
> On 2016-11-16 Nikos Mavrogiannopoulos <n.mavrogiannopoulos at gmail.com>
> wrote:
> > Hi,
> >  The merge request [0] introduces UTF8 password "canonicalization"
> > according to RFC7613. That is, a UTF8 or UTF16 password (in case of
> > PKCS#12 files) will be transformed to a unique form prior to being
> > used to generate a key.
> 
> [...]
> > A side-effect of this change, is that gnutls will also depend on
> > libunistring (which is in the process of being relicensed to
> > lgplv3+gplv2), for proper unicode support.
> > [0]. https://gitlab.com/gnutls/gnutls/merge_requests/137
> 
> I would appreciate if the merge happened after
> libunistring was relicensed.

A few hours too late :) As I see the relicense is already done on
gnulib, though I don't know if there is a proper (non-gnulib) release.
If you want to avoid the linking with the old libunistring which is
under lgplv3+, you can use temporarily the --with-included-unistring
option which will use the already relicensed gnulib sources.

regards,
Nikos

PS. I just realized that the gnulib-tool does not properly copy the
license if the --lgpl=3orGPLv2 flag is given. I'll send an patch to
gnulib for that.




More information about the Gnutls-devel mailing list