W3C home > Mailing lists > Public > w3c-ietf-xmldsig@w3.org > January to March 2000

X509Data

From: Carl Wallace <cwallace@erols.com>
Date: Tue, 29 Feb 2000 09:55:27 -0500
Message-ID: <005c01bf82c5$04df6260$477c60cf@jazzhive.erols.com>
To: "dsig" <w3c-ietf-xmldsig@w3.org>
I've a few questions regarding the X509Data element.

1) Why impose the choice over X509IssuerSerial, X509SKI and X509SubjectName in the definition of X509Data?  There are certainly situations where having X509IssuerSerial and X509SubjectName is desirable/necessary.  Including both is still possible to do using the DTD/Schema as it currently exists but is not as concise as simply removing the choice.  

2) There are some issues regarding the string representation of DNs as described in RFC2253.  Minimally, it permits the usage of '<' and '>'  in ways that won't work in XML.

From XML spec:

The ampersand character (&) and the left angle bracket (<) may appear in their literal form only when used as markup delimiters, or within a comment, a processing instruction, or a CDATA section.

From RFC2253, amongst other references to '<' and '>':

Implementations MUST allow a value to be surrounded by quote ('"'ASCII 34) characters, which are not part of the value.  Inside the quoted value, the following characters can occur without any escaping:

                   ",", "=", "+", "<", ">", "#" and ";"



Carl Wallace
CygnaCom Solutions
Received on Tuesday, 29 February 2000 09:55:32 GMT

This archive was generated by hypermail 2.2.0 + w3c-0.29 : Thursday, 13 January 2005 12:10:09 GMT