Re: Encoding of Strings in DNames (X509IssuerSerial, X509SubjectName)

On Wednesday 16 January 2002 08:21, Gregor Karlinger wrote:
> (1) We claim that these instructions are conforming with RFC 2253 [2].
> This is currently not true, since RFC 2253 demands the escaping of the
> whitespace character (ASCII code \x20) at the beginning and at the end of
> the string (see section 2.4).

Ok, I can see an editorial tweak in the bullet list at the top of 4.4.4 [1] 
so as to not refer to 2253 but to the specific text at the end of this 


However, with respect to what you propose below what are the diff's with 
what we have presently? Are you advocating we drop the last two bullets in 
[1]? Or is your third bullet the only diff?
  Escape all occurrences of ASCII control characters (Unicode 
  range \x00 - \x 1f) by replacing them with "\" followed by a two
  digit hex number showing its Unicode number.
  * Escape control characters that are not XML characters (\x00-\x08,
     \x0B-\x0C, \x0E-\x19).

> (2) (a fundamental problem): The instructions in section 2.4 of [2]
> operate on a UTF8-String, i. e. in the octet domain. Our instructions
> operate on a Unicode string, i. e. in the character domain. Therefore I
> consider it useless to try to conform to RFC 2253 with the current
> instructions.
> To solve the problems, I suggest:
> - Do not state that the encoding of DNames conforms with RFC 2253, rather
>   state that our instructions are similar to that of RFC 2253 (only
> similar because of the domain difference).
> - Modify the instructions as follows:
>   * Consider the string as consisting of Unicode characters.
>   * Escape occurrences of the following special characters by
>     prefixing it with the "\" character:
>     - a "#" occurring at the beginning of the string
>     - one of the characters ",", "+", """, "\", "<", ">" or ";"
>   * Escape control characters that are not XML characters (\x00-\x08,
>     \x0B-\x0C, \x0E-\x19).
>   This is sufficient in order to produce text that consists of valid
>   XML characters, and to be able to reparse the DName string.

Received on Wednesday, 16 January 2002 14:23:49 UTC