[Date Prev][Date Next] [Chronological] [Thread] [Top]

RE: Quoted values in string DN

To: "Jim Sermersheim" <jimse@novell.com>
Subject: RE: Quoted values in string DN
From: "Kurt D. Zeilenga" <Kurt@OpenLDAP.org>
Date: Tue, 19 Oct 2004 11:23:51 -0700
Cc: <Ron.Ramsay@ca.com>, <ietf-ldapbis@OpenLDAP.org>
In-reply-to: <s174f226.003@sinclair.provo.novell.com>
References: <s174f226.003@sinclair.provo.novell.com>

At 09:53 AM 10/19/2004, Jim Sermersheim wrote:
>Anyway, I diverge. I agree we can't remove DQUOTE (or even SEMI) as escaped characters in order to support existing clients, but I think some historical note should be added which addresses DQUOTE and SEMI to avoid future head scratching.

Personally, I think adding historical notes, especially on
such minor points as to why DQUOTE is to be escaped, would
distract from the technical specification.  I would rather
someone write a "History of LDAP" I-D which detailed how
LDAP evolved to what it is, and leave this and other LDAPBIS
I-Ds to detail how LDAP is to be implemented.

Kurt

> 
>Jim
>
>>>> "Kurt D. Zeilenga" <Kurt@OpenLDAP.org> 10/18/04 11:06:18 PM >>>
>At 09:15 PM 10/18/2004, Ramsay, Ron wrote:
>>Nothing to do with 'C'. The quoting in RFC 2254 uses '\'.
>>
>>That "Section 2 of RFC 2253 says the RDN is written: ..." is actually the *point* of the thread!
>
>I think the point of this thread is that, regardless of why,
>both [LDAPDN] and [RFC2253] require double quotes in
>distinguished values to be escaped and lifting that requirement
>in [LDAPDN] would be problematic. It would hinder implementation
>support for alternative representations and hence simple
>presentation in prose, but that pales into comparison to the
>interoperability problems that lifting the requirement would
>introduce.
>
>>So, you want to add \" to the ABNF so that you will able to 'quote' DN's in your email? 
>
>No, I am saying that "cn=RL \"Bob\" Morgan" is clearly a
>presentation of the DN string:
>cn=RL \"Bob\" Morgan
>not
>cn=RL "Bob" Morgan
>because the latter is invalid per RFC 2253 (and [LDAPDN]).
>If one were to remove the " escaping requirement, then
>its not clear which DN string is being presented.
>
>
>>-----Original Message-----
>>From: Kurt D. Zeilenga [mailto:Kurt@OpenLDAP.org] 
>>Sent: Tuesday, 19 October 2004 13:05
>>To: Ramsay, Ron
>>Cc: <mailto:ietf-ldapbis@OpenLDAP.org>ietf-ldapbis@OpenLDAP.org 
>>Subject: RE: Quoted values in string DN
>>
>>
>>At 06:39 PM 10/18/2004, Ramsay, Ron wrote:
>>>"cn=RL \"Bob\" Morgan,dc=example,dc=com" is not an escaping *within* DNs. In fact, if you pre-escape the quotes in the DN, you would probably have to write "cn=RL \\\"Bob\\\" Morgan,dc=example,dc=com"
>>
>>maybe in C or other programming language, but I was talking
>>in English prose (such as in an email message like this):
>>
>>If the distinguished value of the cn naming attribute is
>> RL "Bob" Morgan
>>then Section 2 of RFC 2253 says the RDN is written:
>> cn=RL \"Bob\" Morgan
>>
>>>so I don't see that it helps!
>>
>>Because one quote the (R)DN string in prose, e.g.
>>"cn=RL \"Bob\" Morgan", without ambiguity as to where
>>that string starts and stops.
>>
>>
>>>Ron
>>>
>>>-----Original Message-----
>>>From: <mailto:owner-ietf-ldapbis@OpenLDAP.org>owner-ietf-ldapbis@OpenLDAP.org 
>>> [mailto:owner-ietf-ldapbis@OpenLDAP.org]On Behalf Of Kurt D. Zeilenga
>>>Sent: Tuesday, 19 October 2004 03:57
>>>To: Jim Sermersheim
>>>Cc: <mailto:ietf-ldapbis@OpenLDAP.org>ietf-ldapbis@OpenLDAP.org ; Ravi Kiran Jayanthi; Tom Doman;
>>> <mailto:c.harding@opengroup.org>c.harding@opengroup.org 
>>>Subject: Re: Quoted values in string DN
>>>
>>>
>>>At 09:52 AM 10/18/2004, Jim Sermersheim wrote:
>>>>I'm told that the VSLDAP test suite requires that v3 servers parse DN values containing quoted values.
>>>> 
>>>>I know the string dn bis document removed Section 4 from RFC 2253. Justification is given in < <http://www.openldap.org/lists/ietf-ldapbis/200012/msg00065.html>http://www.openldap.org/lists/ietf-ldapbis/200012/msg00065.html > http://www.openldap.org/lists/ietf-ldapbis/200012/msg00065.html . I have two questions:
>>>> 
>>>>1) can we summarize the justification, and add it to bullet #5 in Appendix B of string DN?
>>>
>>>In response to a previous comment (from Hallvard?), I plan to
>>>replace the bullet:
>>>- Replaced specification of additional requirements for LDAPv2
>>> implementations which also support LDAPv3 (RFC 2253, Section 4)
>>> with a statement (in Section 3) allowing recognition of
>>> alternative string representations.
>>>
>>>with the following two:
>>>- Removed specification of additional requirements for LDAPv2
>>>implementations which also support LDAPv3 (RFC 2253, Section 4)
>>>as LDAPv2 is now Historic.
>>>- Allow recognition of alternative string representations.
>>>
>>>>2) why did we reserve the need to escape double quote characters (see DQUOTE in escaped, in the ABNF)?
>>>
>>>For two reasons. 1) To allow recognition of alternative string representations in which DQUOTEs are special. 2) To allow
>>>DQUOTEs (like <>s) to be used to quote whole DN strings (e.g., a
>>>DN string can be written "cn=RL \"Bob\" Morgan,dc=example,dc=com"
>>>without confusing the wrapping quotes as being part of the DN
>>>string).
>>>
>>>Kurt

Follow-Ups:
- RE: Quoted values in string DN
  - From: Ted Hardie <hardie@qualcomm.com>

References:
- RE: Quoted values in string DN
  - From: "Jim Sermersheim" <jimse@novell.com>

Prev by Date: RE: Quoted values in string DN
Next by Date: RE: Quoted values in string DN
Index(es):
- Chronological
- Thread