[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
Re: Fw: Reserved characters for a LDAP URI
I'd start with the proper string representation of the URL (from RFC2253),
which states that the "," in the ou value should be escaped as "\2C"
ou=PKI IWG,o=Chunghwa Telecom Co.\2C Ltd.,c=TW
>From there, convert the string form of the DN to a URL, replacing the space
(%20) and \ (%5C) characters:
ou=PKI%20IWG,o=Chunghwa%20Telecom%20Co.%5C2C%20Ltd.,c=TW
John McMeeking
Michael Ströder
<michael@stroeder.co To: Wen-Cheng Wang <wcwang@cht.com.tw>
m> cc: ietf-ldapbis@OpenLDAP.org, ietf-pkix@imc.org
Sent by: Subject: Re: Fw: Reserved characters for a LDAP URI
owner-ietf-ldapbis@O
penLDAP.org
12/23/2002 04:48 AM
Wen-Cheng Wang wrote:
>
> Taiwan side believes that the DN component in a LDAP URI should
> be:
>
> ou=PKI%20IWG,o=Chunghwa%20Telecom%20Co.%5C,%20Ltd.,c=TW
>
> However, Japan side insists that it should be:
>
> ou=PKI%20IWG,o=Chunghwa%20Telecom%20Co.%5C%2C%20Ltd.,c=TW
There is one more possibility. ;-)
ou%3DPKI%20IWG%2Co%3DChunghwa%20Telecom%20Co.%5C%2C%20Ltd.%2Cc%3DTW
I think in case of LDAP URLs all these variants are equivalent.
From RFC2255:
Note that any URL-illegal characters (e.g., spaces), URL special
characters (as defined in section 2.2 of RFC 1738) and the reserved
character '?' (ASCII 63) occurring inside a dn, filter, or other
element of an LDAP URL MUST be escaped using the % method described
in RFC 1738 [5]. If a comma character ',' occurs inside an extension
value, the character MUST also be escaped using the % method.
As I understand this the ',' MUST be escaped in extensions but MAY be
escaped in dn, filter, etc. as well.
Ciao, Michael.