[Cryptography] Removal of spaces in NIST Draft SP-800-63B
Patrick Chkoreff
patrick at rayservers.net
Thu Mar 30 13:40:44 EDT 2017
Arnold Reinhold wrote on 03/30/2017 09:52 AM:
> I filed a comment (#679) on NIST Draft SP-800-63B “Digital Identity
> Guidelines” urging removal of the provision in Section 5.1.1.2:
> “Verifiers MAY remove multiple consecutive space characters, or all
> space characters, prior to verification provided that the result is
> at least 8 characters in length.” since it can reduce password
> entropy for no good reason. I’d be curious to know if anyone can
> figure out how that got in there in the first place. My comment is
> here:
>
> https://github.com/usnistgov/800-63-3/issues/679
>
> Public comment period ends March 31 (tomorrow).
I second that emotion, and I wrote a comment to that effect.
So *you're* the guy behind Diceware! At various times I've seen your
name on the diceware.com site and on this list, but I never made the
connection. Diceware is a very powerful technique, and I thank you for it.
-- Patrick
More information about the cryptography
mailing list