- From: ZOHAR,ILAN (HP-Cupertino,ex1) <ilan_zohar@hp.com>
- Date: Tue, 19 Jun 2001 17:51:25 -0400
- To: "'w3c-ietf-xmldsig@w3.org'" <w3c-ietf-xmldsig@w3.org>
XMLDsig describes X509IssuerName and X509Subject name as RFC2253 compliant see http://www.w3.org/Signature/Drafts/xmldsig-core/#sec-X509Data The X509IssuerSerial element, which contains an X.509 issuer distinguished name/serial number pair that SHOULD be compliant with RFC2253 [LDAP-DN], The X509SubjectName element, which contains an X.509 subject distinguished name that SHOULD be compliant with RFC2253 [LDAP-DN], Examination of RFC2253 http://www.ietf.org/rfc/rfc2253.txt shows that those fields should be described by AttributeTypeAndValue's separated by commas which are converted to AttributeType and "=" and AttributeValue AttributeValue when represented by a string (see section 2.4 of rfc2253) is exactly that string. An XML document may be written in different equivalent ways, one of them can divide a distinguished name value in the middle by a LF/CR character. The question is where in the standard can one find the treatments of those Linefeed characters? Which is the correct case? 1. is equivalent to 2. but not to 3.? or 2. equivalent to 3. rather than 1. or all are equivalent? is 1. <X509IssuerName>CN=Steve Kille</X509IssuerName> identical (or more accurately) equivalent to 2. <X509IssuerName>CN=Steve Kille</X509IssuerName> or rather 2 is equivalent to 3. and not 1. 3. <X509IssuerName>CN=Steve Linefeed Kille</X509IssuerName> Thanks, Ilan Zohar Hewlett Packard
Received on Tuesday, 19 June 2001 18:14:45 UTC