Subject RE: [MACE-Dir] Re: Fwd: [i2mi-info] Re: (fwd) New version of eduPerson now entering last call
From "Cantor, Scott" <cantor.2@xxxxxxx>
Date Fri, 7 Jun 2013 17:51:36 +0000

> I find it less confusing that way and examples are always helpful. Maybe
> the list of characters that are not recommended could even be extended
> with "quotes, whitespaces, $, @, \, ® or §"

I think probably the best we can do is something like the above, and make the name -> username change.

The key thing is that what we're really saying is "assume nothing", and that's really about all I can do as an implementer. Guidance doesn't help me at all, only preclusions. Developers are in the same boat, and this is just going to lead to the same "this character doesn't work with this application" problems we have today.

So we're really targeting this language at new adopters on the IdP/LDAP side.

The key thing is to never repeat this mistake. Any new identifiers need to be carefully vetted and include an explicit BNF that is absolutely prescriptive.

-- Scott