From 9c0ebc73b82fcb605a146f3b1d83003e118bd210 Mon Sep 17 00:00:00 2001
From: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date: Tue, 22 Nov 2016 09:31:19 +0100
Subject: doc: document the RFC7613 normalization of passwords [ci skip]

---
 doc/cha-bib.texi      | 5 +++++
 doc/cha-gtls-app.texi | 4 +++-
 doc/latex/gnutls.bib  | 9 +++++++++
 3 files changed, 17 insertions(+), 1 deletion(-)

diff --git a/doc/cha-bib.texi b/doc/cha-bib.texi
index 106c8f7c71..6d23ebca11 100644
--- a/doc/cha-bib.texi
+++ b/doc/cha-bib.texi
@@ -41,6 +41,11 @@ Adam Langley, "A Transport Layer Security (TLS) ClientHello Padding Extension",
 October 2015, Available from
 @url{http://www.ietf.org/rfc/rfc7685.txt}.
 
+@item @anchor{RFC7613}[RFC7613]
+Peter Saint-Andre and Alexey Melnikov, "Preparation, Enforcement, and Comparison of Internationalized Strings Representing Usernames and Passwords",
+August 2015, Available from
+@url{http://www.ietf.org/rfc/rfc7613.txt}.
+
 @item @anchor{RFC2246}[RFC2246]
 Tim Dierks and Christopher Allen, "The TLS Protocol Version 1.0",
 January 1999, Available from
diff --git a/doc/cha-gtls-app.texi b/doc/cha-gtls-app.texi
index 8b50898ae8..03e42cf55b 100644
--- a/doc/cha-gtls-app.texi
+++ b/doc/cha-gtls-app.texi
@@ -128,7 +128,9 @@ See @ref{Error codes}, for a description of the available error codes.
 
 All strings that are to provided as input to @acronym{GnuTLS} functions
 should be in UTF-8 unless otherwise specified. Output strings are also
-in UTF-8 format unless otherwise specified.
+in UTF-8 format unless otherwise specified. When functions take as input
+passwords, they will normalize them using @xcite{rfc7613} rules (since
+GnuTLS 3.5.7).
 
 When data of a fixed size are provided to @acronym{GnuTLS} functions then
 the helper structure @code{gnutls_datum_t} is often used. Its definition is
diff --git a/doc/latex/gnutls.bib b/doc/latex/gnutls.bib
index e78bdbdf5b..1063d92ea1 100644
--- a/doc/latex/gnutls.bib
+++ b/doc/latex/gnutls.bib
@@ -55,6 +55,15 @@
 	url = "http://www.ietf.org/rfc/rfc5764"
 }
 
+@Misc{ RFC7613,
+	author = "Peter Saint-Andre and Alexey Melnikov",
+	title = "{Preparation, Enforcement, and Comparison of Internationalized Strings Representing Usernames and Passwords}",
+	month = "August",
+	year = "2015",
+	note = "Available from \url{http://www.ietf.org/rfc/rfc7613}",
+	url = "http://www.ietf.org/rfc/rfc7613"
+}
+
 @Misc{ RFC6125,
 	author = "Peter Saint-Andre and Jeff Hodges",
 	title = "{Representation and Verification of Domain-Based Application Service Identity within Internet Public Key Infrastructure Using X.509 (PKIX) Certificates in the Context of Transport Layer Security (TLS)}",
-- 
cgit v1.2.1