[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
Re: Fw: Reserved characters for a LDAP URI
Dear Michael,
Thanks for your comment. Yes, as I said in my last email, I believe
that all the following encodings for the DN component in a LDAP URI
will all equivalent.
1. ou=PKI%20IWG,o=Chunghwa%20Telecom%20Co.%5C,%20Ltd.,c=TW
2. ou=PKI%20IWG,o=Chunghwa%20Telecom%20Co.%5C%2C%20Ltd.,c=TW
3. ou=PKI%20IWG%2Co=Chunghwa%20Telecom%20Co.%5C%2C%20Ltd.%2Cc=TW
4. ou%3DPKI%20IWG%2Co%3DChunghwa%20Telecom%20Co.%5C%2C%20Ltd.%2Cc%3DTW
5.
%6F%75%3D%50%4B%49%20%49%57%47%2C%6F%3D%43%68%75%6E%67%68%77%61%20%54%65%6C%
65%63%6F%6D%20%43%6F%2E%5C%2C%20%4C%74%64%2E%2C%63%3D%54%57
They are equivalent because RFC 1738 Section 2.2 says that:
On the other hand, characters that are not required to be encoded
(including alphanumerics) may be encoded within the scheme-specific
part of a URL, as long as they are not being used for a reserved
purpose.
However, it seems that RFC 2369 now deprecate encoding characters
that are not required to be encoded. In RFC 2369 Section 2.3, it says that:
Unreserved characters can be escaped without changing the semantics
of the URI, but this should not be done unless the URI is being used
in a context that does not allow the unescaped character to appear.
So, I believe that the first is the prefered encoding.
Wen-Cheng Wang
Telecommunication Labs,
Chunghwa Telecom Co., Ltd.
----- Original Message -----
From: "Michael Ströder" <michael@stroeder.com>
To: "Wen-Cheng Wang" <wcwang@cht.com.tw>
Cc: <ietf-ldapbis@OpenLDAP.org>; <ietf-pkix@imc.org>
Sent: Monday, December 23, 2002 6:48 PM
Subject: Re: Fw: Reserved characters for a LDAP URI
> Wen-Cheng Wang wrote:
> >
> > Taiwan side believes that the DN component in a LDAP URI should
> > be:
> >
> > ou=PKI%20IWG,o=Chunghwa%20Telecom%20Co.%5C,%20Ltd.,c=TW
> >
> > However, Japan side insists that it should be:
> >
> > ou=PKI%20IWG,o=Chunghwa%20Telecom%20Co.%5C%2C%20Ltd.,c=TW
>
> There is one more possibility. ;-)
>
> ou%3DPKI%20IWG%2Co%3DChunghwa%20Telecom%20Co.%5C%2C%20Ltd.%2Cc%3DTW
>
> I think in case of LDAP URLs all these variants are equivalent.
>
> From RFC2255:
>
> Note that any URL-illegal characters (e.g., spaces), URL special
> characters (as defined in section 2.2 of RFC 1738) and the reserved
> character '?' (ASCII 63) occurring inside a dn, filter, or other
> element of an LDAP URL MUST be escaped using the % method described
> in RFC 1738 [5]. If a comma character ',' occurs inside an extension
> value, the character MUST also be escaped using the % method.
>
> As I understand this the ',' MUST be escaped in extensions but MAY be
> escaped in dn, filter, etc. as well.
>
> Ciao, Michael.
>
>