[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: Fw: Reserved characters for a LDAP URI

To: Wen-Cheng Wang <wcwang@cht.com.tw>
Subject: Re: Fw: Reserved characters for a LDAP URI
From: Michael Ströder <michael@stroeder.com>
Date: Mon, 23 Dec 2002 11:48:11 +0100
Cc: ietf-ldapbis@OpenLDAP.org, ietf-pkix@imc.org
In-reply-to: <00b701c2a98f$d19dea80$4f85900a@wcwang>
References: <00b701c2a98f$d19dea80$4f85900a@wcwang>
User-agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.2.1) Gecko/20021130

Wen-Cheng Wang wrote:


Taiwan side believes that the DN component in a LDAP URI should
be:

ou=PKI%20IWG,o=Chunghwa%20Telecom%20Co.%5C,%20Ltd.,c=TW

However, Japan side insists that it should be:

ou=PKI%20IWG,o=Chunghwa%20Telecom%20Co.%5C%2C%20Ltd.,c=TW


There is one more possibility. ;-)

ou%3DPKI%20IWG%2Co%3DChunghwa%20Telecom%20Co.%5C%2C%20Ltd.%2Cc%3DTW

I think in case of LDAP URLs all these variants are equivalent.

From RFC2255:

   Note that any URL-illegal characters (e.g., spaces), URL special
   characters (as defined in section 2.2 of RFC 1738) and the reserved
   character '?' (ASCII 63) occurring inside a dn, filter, or other
   element of an LDAP URL MUST be escaped using the % method described
   in RFC 1738 [5]. If a comma character ',' occurs inside an extension
   value, the character MUST also be escaped using the % method.

As I understand this the ',' MUST be escaped in extensions but MAY be escaped in dn, filter, etc. as well.

Ciao, Michael.

Follow-Ups:
- Re: Fw: Reserved characters for a LDAP URI
  - From: "Wen-Cheng Wang" <wcwang@cht.com.tw>

References:
- Fw: Reserved characters for a LDAP URI
  - From: "Wen-Cheng Wang" <wcwang@cht.com.tw>

Prev by Date: Fw: Reserved characters for a LDAP URI
Next by Date: I-D ACTION:draft-ietf-ldapbis-syntaxes-04.txt
Index(es):
- Chronological
- Thread