Re: AW: LDAP Certificate transfer syntax

["Kurt D. Zeilenga" <Kurt@OpenLDAP.org>]

At 10:44 AM 2002-04-09, Fantou Patrick wrote:
>I am not sure this discussion really brings us further.

I think this discussion is bringing us further along.  It has,
at least, boiled down this particular debate to one issue:
   whether or not ;binary is required when the binary
   encoding of a value is transferred in the protocol.

>There is no choice with some attributes like certificates.

I would have to agree that this is no choice.  But I think
we disagree on what that choice is.

One must transfer certificates in their binary encoding as
indicates by ;binary.   Note only is this the intent of RFC
2251, but we have demonstrated interoperability between
multiple independently developed implementations of this.

Others have argued that RFC 2251 could be read otherwise.
That's a good reason for clarifying the specification.  It's
a lousy reason for making changes which would cause implementations
which interoperate today to fail to interoperate with
implementations of the future specification.

>I fully support David´s proposal:
>"The use of the ;binary encoding option, i.e. by
>requesting or returning the attributes with descriptions
>"userCertificate;binary" or "caCertificate;binary" has no effect on the
>transfer syntax."

Noted.