[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
Re: Fw: Reserved characters for a LDAP URI
Wen-Cheng Wang wrote:
Taiwan side believes that the DN component in a LDAP URI should
be:
ou=PKI%20IWG,o=Chunghwa%20Telecom%20Co.%5C,%20Ltd.,c=TW
However, Japan side insists that it should be:
ou=PKI%20IWG,o=Chunghwa%20Telecom%20Co.%5C%2C%20Ltd.,c=TW
There is one more possibility. ;-)
ou%3DPKI%20IWG%2Co%3DChunghwa%20Telecom%20Co.%5C%2C%20Ltd.%2Cc%3DTW
I think in case of LDAP URLs all these variants are equivalent.
From RFC2255:
Note that any URL-illegal characters (e.g., spaces), URL special
characters (as defined in section 2.2 of RFC 1738) and the reserved
character '?' (ASCII 63) occurring inside a dn, filter, or other
element of an LDAP URL MUST be escaped using the % method described
in RFC 1738 [5]. If a comma character ',' occurs inside an extension
value, the character MUST also be escaped using the % method.
As I understand this the ',' MUST be escaped in extensions but MAY be
escaped in dn, filter, etc. as well.
Ciao, Michael.