The following reply was made to PR bin/10206; it has been noted by GNATS.

From: Nino Dehne <ndehne@gmail.com>
To: Alan Barrett <apb@cequrux.com>
Cc: gnats-bugs@NetBSD.org, tech-security@netbsd.org
Subject: Re: security/10206 - proposed solution (concept)
Date: Fri, 19 Aug 2005 05:52:37 +0200

 Alan Barrett wrote:
 > Actually, the prohibited/optional/required status could just be implied
 > by the numeric ranges, but then you'd have to use "0 means 0", not "0
 > means infinity".  For example, "upper: 0" could mean "prohibited";
 > "upper: 1-*" could mean "1 or more required"; "upper: 1-3" could mean
 > "at least 1, but no more than 3"; "upper: 0-*" could mean "any number,
 > zero or more".
 
 How about the ability to specify a regex that the password must match?
 
 Regards,
 
 ND