Re: AW: AW: KeyName white space

There's another issue that seems relevant. RFC 2253 states
that strings must be converted to UTF-8 and then the escaping
rules must be applied. Do we honour this, or should we UTF-8
decode the RFC2253 string before embedding it in the text node?

Essentially, should the final example in RFC 2253 be encoded
in XML as:

UTF-8 encode and require ASCII escaping of high-bit-set chars:
  SN=Lu\C4\8Di\C4\87

UTF-8 encode and embed the result directly:
  SN=Lu??i?? (where ? is a high-bit UTF-8 byte directly embedded)
  (Here the meaning is confusing because the UTF-8 encoded
   text will correspond to some other Unicode characters, e.g. Ä)

De-UTF-8 and embed the Unicode original:
  SN=Lu?i? (where ? is the original character)

The last seems like the best option to me.

Plus require escaping of all ASCII controls.

Merlin

r/tgindin@us.ibm.com/2001.05.15/07:36:47
>
>     I would like to require the escaping of all ASCII controls in DN's in
>XMLDSIG (I was not precise enough last time, and what I said could have
>been interpreted as having wider scope) because otherwise standard trimming
>routines may eliminate characters which somebody left in a DN
>intentionally, as is permitted by RFC 2253.  It is my impression that
>standard trimming routines tend to remove horizontal tab, for example, in
>the same positions where they remove space.
>
>          Tom Gindin
>
>
>"Gregor Karlinger" <gregor.karlinger@iaik.at> on 05/15/2001 07:10:53 AM
>
>To:   Tom Gindin/Watson/IBM@IBMUS
>cc:   <w3c-ietf-xmldsig@w3.org>
>Subject:  AW: AW: KeyName white space
>
>
>Tom,
>
>[...]
>
>> require it to start with an alphanumeric, trimming any leading whitespace
>> would be safest.
>
>Yes, and this requirement should be stated in XML-Signature.
>
>>      So I think considering unescaped spaces at either end of a DN to be
>> part of it is actually in violation of RFC 2253.  However, and very
>> strangely, no similar requirement exists for horizontal tab or line feed,
>> while carriage return must be escaped according to RFC 1779 but not 2253.
>> Should we require that XMLDSIG implementations escape all ASCII control
>> characters as well?
>
>Why would you like to require such an escaping?
>
>Liebe Gruesse/Regards,
>---------------------------------------------------------------
>DI Gregor Karlinger
>mailto:gregor.karlinger@iaik.at
>http://www.iaik.at
>Phone +43 316 873 5541
>Institute for Applied Information Processing and Communications
>Austria
>---------------------------------------------------------------
>
>
>
>
>


Received on Tuesday, 15 May 2001 08:12:25 UTC
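
Added example, not part of the original message or of any XMLDSIG implementation: a Python rendering of the third option discussed above (embed the Unicode original) combined with escaping of ASCII controls, so that a trimming routine cannot silently drop them. The function name `dn_for_xml`, the `\XX` hex form chosen for control characters, the inclusion of DEL (0x7F), and the sample DNs are assumptions made for illustration.

```python
import re

# RFC 2253 tokens: \XX hex pair, \c escaped character, or one plain character.
_TOKEN = re.compile(r'\\([0-9A-Fa-f]{2})|(\\.)|(.)', re.DOTALL)

def dn_for_xml(rfc2253: str) -> str:
    """Turn hex-escaped UTF-8 bytes back into characters; escape ASCII controls."""
    out, pending = [], bytearray()

    def flush():
        # A run of high-bit hex pairs is one or more UTF-8 sequences.
        if pending:
            out.append(pending.decode('utf-8'))  # raises on malformed UTF-8
            pending.clear()

    for hexpair, escaped, plain in _TOKEN.findall(rfc2253):
        if hexpair and int(hexpair, 16) >= 0x80:
            pending.append(int(hexpair, 16))
            continue
        flush()
        if hexpair:                      # ASCII byte given as \XX: keep escaped
            out.append('\\' + hexpair)
        elif escaped:                    # \, \+ \\ etc.: keep escaped
            out.append(escaped)
        elif ord(plain) < 0x20 or ord(plain) == 0x7F:
            out.append('\\%02X' % ord(plain))   # assumption: \XX form for controls
        else:
            out.append(plain)
    flush()
    return ''.join(out)

if __name__ == '__main__':
    # Constructed inputs: the RFC 2253 example from the message, and a DN
    # whose value ends in a horizontal tab.
    print(dn_for_xml(r'SN=Lu\C4\8Di\C4\87'))
    print(repr('CN=Tab\t'.strip()), repr(dn_for_xml('CN=Tab\t').strip()))
```

The tokenizer consumes `\\` as an escaped backslash before looking for hex pairs, so a literal backslash followed by hex digits is not mistaken for an encoded byte.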