- From: Frederick Hirsch <frederick.hirsch@nokia.com>
- Date: Tue, 7 Aug 2007 16:34:26 -0400
- To: XMLSec <public-xmlsec-maintwg@w3.org>
- Cc: Hirsch Frederick <frederick.hirsch@nokia.com>
RFC 2732 is obsoleted by RFC 3986. The following is a proposal for editing XML Signature to address this change. This proposal is to address ACTION-79. Please comment on this proposal by this Friday, 10 August if possible. 1) Change in Section 4.3.3.1 "The URI Attribute": http://www.w3.org/2007/xmlsec/Drafts/xmldsig-core/#sec-URI From: "However, some Unicode characters are disallowed from URI references including all non-ASCII characters and the excluded characters listed in RFC3986 [URI, section 2.4]. However, the number sign (#), percent sign (%), and square bracket characters re-allowed in RFC 2732 [URI- Literal] are permitted." To: "Use of characters must follow the rules in RFC 3986. For example, RFC 3986 only permits square bracket characters within the host portion of a URI for IPv6 to enclose an IPv6 literal IP address (Section 3.2.2 [URI]). The percent sign (%) must be percent-encoded as "%25" for that octet to be used as data within a URI since it serves as the indicator for percent-encoded octets (Section 2.4 [URI]). The number sign (#) may be used but must be percent-encoded where it might be confused for terminating a URI and indicating a fragment." Alternatively we could remove the text I've marked as from. 2) Remove URI-Literal from list of references, i.e. remove: "URI-Literal RFC 2732. Format for Literal IPv6 Addresses in URL's. R. Hinden, B. Carpenter, L. Masinter. December 1999. http://www.ietf.org/rfc/rfc2732.txt" regards, Frederick Frederick Hirsch Nokia
Received on Tuesday, 7 August 2007 20:34:38 UTC