Proposed change to XML Signature for RFC 2732 change - ACTION-79

RFC 2732 is obsoleted by RFC 3986. The following is a proposal for  
editing XML Signature to address
this change. This proposal is to address ACTION-79.

Please comment on this proposal by this Friday, 10 August if possible.

1) Change in Section 4.3.3.1 "The URI Attribute":
http://www.w3.org/2007/xmlsec/Drafts/xmldsig-core/#sec-URI

From:
"However, some Unicode characters are disallowed from URI references  
including all non-ASCII characters and the excluded characters listed  
in RFC3986 [URI, section 2.4]. However, the number sign (#), percent  
sign (%), and square bracket characters re-allowed in RFC 2732 [URI- 
Literal] are permitted."

To:
"Use of characters must follow the rules in RFC 3986. For example,  
RFC 3986 only permits square bracket characters within the host  
portion of a URI for IPv6 to enclose an IPv6 literal IP address  
(Section 3.2.2 [URI]).  The percent sign (%) must be percent-encoded  
as "%25" for that
octet to be used as data within a URI since it serves as the  
indicator for percent-encoded octets (Section 2.4 [URI]). The number  
sign (#) may be used but must be percent-encoded where it might be  
confused for terminating a URI and indicating a fragment."

Alternatively we could remove the text I've marked as from.

2) Remove URI-Literal from list of references, i.e. remove:

"URI-Literal
RFC 2732. Format for Literal IPv6 Addresses in URL's. R. Hinden, B.  
Carpenter, L. Masinter. December 1999.
http://www.ietf.org/rfc/rfc2732.txt"

regards, Frederick

Frederick Hirsch
Nokia

Received on Tuesday, 7 August 2007 20:34:38 UTC