On 2015/10/01 13:11, Jonathan Rosenne wrote:
For languages such as Java, passwords should be handled as byte arrays rather than strings. This may make it difficult to apply normalization.
Well, they should be received from the user interface as strings, then normalized, then converted to byte arrays using a well-defined single encoding. Somewhat tedious, but hopefully not difficult.
Regards, Martin.
