[Date Prev][Date Next]
RE: Binary Syntax (consensus confirmation)
I totally agree with Ron.
;binary is defined and it have to be correctly encoded.
My Server looks in the value for a UserCertificate;binary
and validate the syntax and the client gets an error if it
is not correctly encoded.
Why should I use ;binary for an OctetString ?
Binary was invited to transfer complex ASN.1 syntaxes (e.g.
Certificates, Revokationlsits etc) over the LDAP V3 protocol without
defining a String representation for this attributes.
A Client which want to handle this types of attributes
should be able to handle ASN.1.
> -----Original Message-----
> From: Ramsay, Ron [mailto:Ron.Ramsay@ca.com]
> Sent: Dienstag, 18. Dezember 2001 05:49
> To: Kurt D. Zeilenga; ietf-ldapbis@OpenLDAP.org
> Subject: RE: Binary Syntax (consensus confirmation)
> I find this a tad extraordinary.
> RFC 2252 Section 6.2 Binary:
> Values in this syntax are encoded as described in section 4.3.1.
> 4.3.1 describes the binary transfer of values, therefore
> tying ;binary to
> the binary syntax.
> Values encoded in the Binary syntax are encoded in BER. For
> those of us
> working with X.500, we know that all values are encoded in
> BER and many of
> them have a suitable syntax (X.520). For those that don't
> have a defined
> syntax, the actual syntax must surely be ANY.
> How anyone felt any justification to use binary to mean octet
> string leaves
> me breathless!
> I know the IETF members complain about the cost of the
> standards and so try
> and play it by ear, but the standard is the standard. We are
> not talking
> whois or ph here.
> -----Original Message-----
> From: Kurt D. Zeilenga [mailto:Kurt@OpenLDAP.org]
> Sent: Tuesday, 18 December 2001 14:33
> To: ietf-ldapbis@OpenLDAP.org
> Subject: Binary Syntax (consensus confirmation)
> The definition of the binary syntax [RFC2252] (not to be confused
> with the ;binary transfer option) was discussed during the LDAPbis
> session at IETF#52.
> RFC 2252 failed to provide an ASN.1 data definition for the
> binary syntax. There are at least two different interpretations:
> a) OCTET STRING constrained to a BER-encoded data
> b) ANY
> Implementations of both exist in the wild, they do not
> interoperate when ;binary is used.
> In summary, the proponents of a) argue that it is more useful
> as servers tend to preserve values (but not representations)
> while proponents of b) argue that it is more consistent with the
> literal reading of RFC 2252. A poll of the room appeared to
> favored a) over b), the chairs were not conformable in declaring
> consensus (even rough).
> The chair suggested that the specification for the binary syntax
> be removed and the reasons why (ambiguous definition) be detailed
> in the document's informative appendix detailing changes since
> RFC 2252. A poll of the room indicated strong consensus for this
> Unless there is significant objection voiced from the WG, it shall
> be assumed the WG consensus is to implement this approach.
> Regards, Kurt