RE: String Serial Number Representation from Gregor Karlinger on 2002-02-06 (w3c-ietf-xmldsig@w3.org from January to March 2002)

From: Gregor Karlinger <gregor.karlinger@iaik.at>
Date: Wed, 6 Feb 2002 14:52:57 +0100
To: "Dournaee, Blake" <bdournaee@rsasecurity.com>, <w3c-ietf-xmldsig@w3.org>
Cc: "Joseph M. Reagle Jr." <reagle@w3.org>
Message-ID: <LBEPJAONIMDADHFHAEAOMEGICNAA.gregor.karlinger@iaik.at>

Blake,

[...]
> In Reference to 4.4.4
>
> "The X509IssuerSerial element, which contains an X.509 issuer
> distinguished
> name/serial number pair that SHOULD be compliant with RFC2253 [LDAP-DN], "
>
> RFC2253 doesn't tell us how to make a string representation of a serial
> number (only attribute types and values). Does the working group put
> constraints on the format of the actual serial number (e.g. HEX
> or Decimal?)
> or is this considered out of scope?

The sentence you cite is misleading (Joseph: should this be added to the
errata document?); it should rather say

  "The X509IssuerSerial element, which consists of an X.509 issuer
   distinguished name (SHOULD be compliant with RFC2253 [LDAP-DN]),
   and a serial number."

In the schema, you can see that the serial number has to be of type
xsi:integer.

   <complexType name="X509IssuerSerialType">
     <sequence>
       <element name="X509IssuerName" type="string"/>
       <element name="X509SerialNumber" type="integer"/>
     </sequence>
   </complexType>

Regards, Gregor

Received on Wednesday, 6 February 2002 08:54:25 UTC