- From: Juan Carlos Cruellas <cruellas@ac.upc.edu>
- Date: Wed, 13 Jun 2007 18:14:28 +0200
- To: Sean Mullan <Sean.Mullan@Sun.COM>
- CC: public-xmlsec-maintwg@w3.org
Sean Mullan escribió: > I'm not sure his examples are correct according to the rules. Shouldn't > the first be: > > "CN=\ Wolfgang \20+CN=\ Amadeus \20" > > instead of > > "CN=\ Wolfgang \ +CN=\ Amadeus \20" > > because there is a trailing space at the end of the Wolfgang AVA String?! > > > I tend to agree with Sean. Maybe it was assumed that the whole string should be taken as only one entity. But it seems to me that this is a multi-valued RelativeDistinguishedName, which "outputs from adjoining AttributeTypeAnd Values are separated by a plus character" (sect 2.2 of RFC 2253). Sect 2.3 emphasizes that AttributeTypeAndValue comes from concatenating strings resulting from encoding Attribute Type, "=" character and string resulting from encoding the value.... Section 2.4 mandates escaping certain characters in the string that encodes each value. Finally XMLSig says "Also strings in DNames (..) should be encoded as follows"... the plural in "strings" seems to me as indicating that each individual string encoding a particular value of an attribute should escape its own leading and trailing chars no matter if it is within a multi-value or not. In summary, I would also tend to think that a "\20" should appear at the end of the first value of the multi-valued RDN in the example that Sean mentions. Juan Carlos.
Received on Wednesday, 13 June 2007 16:14:43 UTC