[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: Escaping within distinguished names: RFC 2253

To: Mark Wahl <M.Wahl@INNOSOFT.COM>
Subject: Re: Escaping within distinguished names: RFC 2253
From: Scott Seligman <scott.seligman@eng.Sun.COM>
Date: Tue, 25 May 1999 20:16:15 -0700
Cc: ietf-ldapext@netscape.com
In-reply-to: "Your message of Tue, 25 May 1999 14:52:43 CDT." <6057.927661963@threadgill.austin.innosoft.com>
Resent-date: Tue, 25 May 1999 20:16:27 -0700 (PDT)
Resent-from: ietf-ldapext@netscape.com
Resent-message-id: <"QNFuqD.A.goC.Ce2S3"@glacier>
Resent-sender: ietf-ldapext-request@netscape.com

I asked:

> 1.  What is the precise meaning of "whitespace" as used here?

Mark writes:

>ASCII 32.
>
>   Implementations MUST allow for space (' ' ASCII 32) characters to be
>   present between name-component and ',', between attributeTypeAndValue
>   and '+', between attributeType and '=', and between '=' and
>   attributeValue.  These space characters are ignored when parsing.

Yes, and it's clear that only space characters are allowed before '='
and '+'.  However, just before the cited paragraph, the RFC says:

   Implementations MUST...
   allow whitespace characters to be present on either side of the comma
   or semicolon.  The whitespace characters are ignored....

This is what suggested to me that whitespace might have some other
definition, otherwise why word things differently and why reiterate
the rule for commas?  But granting that it's been clarified that
whitespace includes only space characters, we get to Jim's question:

>If whitespace only includes space characters, do these problems go away?

Not quite.  Section 4 requires parsers to handle RFC 1779 names, and
those names may contain carriage return <CR> characters that get
ignored.  So we wind up with no unambiguous answer to questions such
as:  What is the value of the CN attribute in the name "CN=<CR>ab"?

Jim also writes:

>I think ["whitespace"] should be defined in the BNF as it is throughout
>RFC2251 (throught the use of the whsp definition).

I think Jim meant RFC 2252, in which "whsp" is defined as spaces
only.  This fits with what Mark said.

To resolve the problem of parsing RFC 1779 names, we could then require both
spaces and carriage returns to be escaped when they appear at the start or
end of an attribute value.

Chris writes:

>In other words, the parsing should handle
>escaped or non-escaped "#" symbols but applications should only generate
>values that follow the grammar.

A good rule of thumb when implementing standards is to be conservative
in what you generate and liberal in what you accept.  Even so, the
RFC as it stands is self-contradictory and should be fixed.  Section 2.4
allows the name "CN=a#b" to be generated, while the grammar in section 3
does not allow it to be parsed.

Scott Seligman
Java Software Engineering
Sun Microsystems

References:
- Re: Escaping within distinguished names: RFC 2253
  - From: Mark Wahl <M.Wahl@INNOSOFT.COM>

Prev by Date: $40 Flat Rate Long Distance!
Next by Date: Comments on draft-ietf-ldapext-reqts-01.txt - repost
Index(es):
- Chronological
- Thread