Re: AW: AW: KeyName white space

From: merlin <merlin@baltimore.ie>
Date: Tue, 15 May 2001 13:12:00 +0100
To: "Tom Gindin" <tgindin@us.ibm.com>
Cc: "Gregor Karlinger" <gregor.karlinger@iaik.at>, w3c-ietf-xmldsig@w3.org
Message-Id: <20010515121200.6DEDD43C15@yog-sothoth.ie.baltimore.com>

There's another issue that seems relevant. RFC 2253 states
that strings must be converted to UTF-8 and then the escaping
rules must be applied. Do we honour this, or should we UTF-8
decode the RFC2253 string before embedding it in the text node?

Essentially, should the final example in RFC 2253 be encoded
in XML as:

UTF-8 encode and require ASCII escaping of high-bit-set chars:

UTF-8 encode and embed the result directly:
  SN=Lu??i?? (where ? is a high-bit UTF-8 byte directly embedded)
  (Here the meaning is confusing because the UTF-8 encoded
   text will correspond to some other Unicode characters, e.g. )

De-UTF-8 and embed the Unicode original:
  SN=Lu?i? (where ? is the original character)

The last seems like the best option to me.

Plus require escaping of all ASCII controls.


>     I would like to require the escaping of all ASCII controls in DN's in
>XMLDSIG (I was not precise enough last time, and what I said could have
>been interpreted as having wider scope) because otherwise standard trimming
>routines may eliminate characters which somebody left in a DN
>intentionally, as is permitted by RFC 2253.  It is my impression that
>standard trimming routines tend to remove horizontal tab, for example, in
>the same positions where they remove space.
>          Tom Gindin
>"Gregor Karlinger" <gregor.karlinger@iaik.at> on 05/15/2001 07:10:53 AM
>To:   Tom Gindin/Watson/IBM@IBMUS
>cc:   <w3c-ietf-xmldsig@w3.org>
>Subject:  AW: AW: KeyName white space
>> require it to start with an alphanumeric, trimming any leading whitespace
>> would be safest.
>Yes, and this requirement should be stated in XML-Signature.
>>      So I think considering unescaped spaces at either end of a DN to be
>> part of it is actually in violation of RFC 2253.  However, and very
>> strangely, no similar requirement exists for horizontal tab or line feed,
>> while carriage return must be escaped according to RFC 1779 but not 2253.
>> Should we require that XMLDSIG implementations escape all ASCII control
>> characters as well?
>Why would you like to require such an escaping?
>Liebe Gruesse/Regards,
>DI Gregor Karlinger
>Phone +43 316 873 5541
>Institute for Applied Information Processing and Communications

Received on Tuesday, 15 May 2001 08:12:25 UTC
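
The encodings discussed in this message, worked through on the final example of RFC 2253 (`SN=Lu\C4\8Di\C4\87`) as an added illustration that is not part of the original message or of any XMLDSIG implementation. The function names are hypothetical and the tab-terminated DN is a constructed sample; the code also goes slightly beyond the message by leaving escaped backslashes and hex-escaped ASCII untouched.

```python
import re

# Final example from RFC 2253: surname "Lučić", UTF-8 bytes hex-escaped.
RFC2253_EXAMPLE = r"SN=Lu\C4\8Di\C4\87"

# Tokens, tried left to right: a run of \XX hex pairs, any other backslash
# escape (so "\\41" is an escaped backslash plus "41"), or a raw ASCII control.
_TOKEN = re.compile(r"((?:\\[0-9A-Fa-f]{2})+)|\\(.)|([\x00-\x1F\x7F])", re.S)

def _hex(ch):
    return "\\%02X" % ord(ch)

def _is_control(ch):
    return ord(ch) < 0x20 or ord(ch) == 0x7F

def to_text_node_form(dn):
    """Third option: embed the original Unicode characters, keep ASCII escapes,
    and hex-escape every ASCII control so whitespace trimming cannot eat it."""
    def repl(m):
        hex_run, escaped, control = m.groups()
        if hex_run:
            raw = bytes.fromhex(hex_run.replace("\\", ""))
            # Raises UnicodeDecodeError if the escaped bytes are not valid UTF-8.
            return "".join(c if ord(c) > 0x7F else _hex(c)
                           for c in raw.decode("utf-8"))
        if control:
            return _hex(control)
        return _hex(escaped) if _is_control(escaped) else "\\" + escaped
    return _TOKEN.sub(repl, dn)

def embed_bytes_directly(dn):
    """Second option, for contrast: each UTF-8 byte becomes its own character."""
    def repl(m):
        if not m.group(1):
            return m.group(0)
        return bytes.fromhex(m.group(1).replace("\\", "")).decode("latin-1")
    return _TOKEN.sub(repl, dn)

if __name__ == "__main__":
    print(to_text_node_form(RFC2253_EXAMPLE))        # SN=Lučić
    print(repr(embed_bytes_directly(RFC2253_EXAMPLE)))
    tabbed = "CN=Tab\t"                               # constructed sample
    print(repr(tabbed.strip()), repr(to_text_node_form(tabbed).strip()))
```

A plain `strip()` drops the trailing tab from the unescaped DN, while the escaped form `CN=Tab\09` passes through trimming unchanged.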