- From: Herry <herrykoh@yahoo.com>
- Date: Wed, 23 Jan 2002 11:50:47 +0800 (CST)
- To: w3c-ietf-xmldsig@w3.org
Hi All, this is a response to a discussion thread in the xmldsig mailing list in Sept last year. I was digging through the archive when I found this :) (copied below). I am seeking some clarification on what is the current W3C RECOMMENDATION pertaining to the encoding. With your current proposed recommendation http://www.w3.org/TR/2001/PR-xmldsig-core-20010820/ in sectin 4.4.4, it was mentioned : [... Escape all occurences of ASCII control characters (Unicode range \x00 - \x20) by replacing them with "\" followed by a two digit hex number showing its Unicode number. Since a XML document logically consists of characters, not octets, the resulting unicode string is finally encoded according to the character encoding used for producing the physical representation of the XML document. ...] which I take it to mean( please correct me if I am wrong) that for example, a (short) DName [CN=My Name] will translate, in the physical XML document, to [CN=My\20Name]. However in the draft mentioned the mail below, the Unicode range was 'shortened' to (\x00 - \x1f) which excludes the space (with the exception of the trailing space) So if I have an application that needs to support W3C _proposed recommendation_, should the DName end up like [CN=My\20Name]? Just seeking some clarification. Regards, Herry. From: Joseph Reagle <reagle@w3.org> To: merlin <merlin@baltimore.ie>, Christian Geuer-Pollmann <geuer-pollmann@nue.et-inf.uni-siegen.de>, <gregor.karlinger@iaik.at>, bal@microsoft.com Date: Fri, 14 Sep 2001 12:58:38 -0400 Cc: XML Signature WG <w3c-ietf-xmldsig@w3.org> Message-Id: <20010914165839.788E987561@policy.w3.org> Subject: Re: X509SubjectName and binary values On Thursday 13 September 2001 06:14, merlin wrote: > Hi Christian, > I would summarize our encoding (assuming the changes recently > discussed on the list) as: > > Translation from RFC 2253 -> XMLDSIG: > > . UTF-8 decode the string. > . Encode characters < ' ' as "\XY". > . Replace any trailing "\ " in the full dname with "\20". > > Translation from XMLDSIG -> RFC 2253: > > . Replace any trailing "\20" with "\ ". > . Replace any "\XY" with the corresponding character. > . UTF-8 encode the string. > > Broadly, this is RFC 2253 without the UTF-8 encoding step, > with all characters < ' ' encoded as "\XY" and any trailing > "\ " in the full dname replaced with "\20". Given no objection to my summary/proposal [1], I've moved the escape of whitespace to those only occuring at the end of DNAME as you proposed: [ http://www.w3.org/Signature/Drafts/xmldsig-core/#sec-X509Data $Revision: 1.123 $ on $Date: 2001/09/14 16:55:21 $ ... * Escape all occurrences of ASCII control characters (Unicode range \x00 - \x [INS: 1f :INS] ) by replacing them with "\" followed by a two digit hex number showing its Unicode number. * [INS: Escape any trailing white space by replacing "\ " with "\20". :INS] ] [1] http://lists.w3.org/Archives/Public/w3c-ietf-xmldsig/2001JulSep/0217.html > To be honest, I would be cautious about the text that we have > in XMLDSIG; it duplicates material from RFC 2253 and may lose > clarity in so doing. If you'd like to an improvement, please do! __________________________________________________ Do You Yahoo!? Yahoo! Mobile - Jazz up your mobile phone! Get funky ringtones and logos! http://mobile.yahoo.com.sg/
Received on Tuesday, 22 January 2002 22:51:08 UTC