[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
Re: Empty IA5String
I'm of three minds (at least) about this...
Kurt D. Zeilenga writes:
> The problem I have with empty IA5 strings is that the
> matching semantics of them is not clear, both when
> comparing IA5 strings to IA5 strings, but also when
> comparing IA5 strings to Directory strings.
I don't understand. With stringprep that is currently so, but that's
why we are still working on it...
Pre-stringprep I don't see any problem with comparing IA5 with IA5.
I can see comparing empty IA5 with Directory String could be a problem
if caseIgnoreMatch or whatever expects non-empty strings. On the other
hand, caseIgnoreMatch cannot be used with IA5 String values according to
[syntaxes]. On the third limb, I believe LDAP implementations have been
lax about that (maybe because it was only said somewhere in X.500, not
in the LDAP standard).
> I believe it was the intent of designers of RFC 1274 for the
> IA5String syntax to disallow empty IA5 string values. I
> believe it was their intent that IA5 string values behave
> in a manner consistent with X.500 directory strings.
What the original intent was doesn't seem to relevant by now, but it
does seem likely that implementors will have implemented them to be
consistent with the other syntaxes.
> Note that in RFC 1274 any where that a max size limit was
> stated for a value, it was listed as (1..N) not (0..N).
> This implies that the when no constraint was stated, that
> (1..) was intended.
Why so?
> That is, it can be reasonable argued that it would be a
> change to REMOVE the restriction implied by RFC 1274
> (and possible other ISDs).
Yes.
--
Hallvard