Re: equal character forbidden in DN

[Hallvard B Furuseth <h.b.furuseth@usit.uio.no>]

Pierangelo Masarati writes:
>To: "Hallvard B Furuseth" <h.b.furuseth@usit.uio.no>
>
>> That's a bug in RFC 2253: Section 2.4 (ASN.1 DN => string) says '=' need
>> not be escaped, but section 3 (string => DN) says '=' must be escaped.
>> Unescaped '=' will be allowed in the upcoming revised LDAP spec,
>> see <http://www.ietf.org/internet-drafts/draft-ietf-ldapbis-dn-14.txt>.
> 
> I don't see any difference in '=' escaping in that draft...

RFC2253 section 3:
  attributeValue = string,
  string         = *( stringchar / pair ) / ...
  stringchar     = <any character except one of special, "\" or QUOTATION>,
                                                ^^^^^^^
  special        includes "=".

Draft section 3:
  ; The following characters are to be escaped when they appear
  ; in the value to be encoded: ESC, one of <escaped>, leading
                                            ^^^^^^^^^
  ; SHARP or SPACE, trailing SPACE, and NULL.
  string         = ...
  escaped        = DQUOTE / PLUS / COMMA / SEMI / LANGLE / RANGLE
And the grammar:
  attributeValue = string / ...
  string         = leadchar [*stringchar trailchar] and <pair>s / ...,
  leadchar, stringchar, trailchar = LUTF1, TUTF1, SUTF1 and more,
  LUTF1, TUTF1 and SUTF1 all include %3D ("=").

-- 
Hallvard