You say below that the type information is lost under RFC 2253, as if it is
preservered under RFC 1779. It is not. The discussion in RFC 2253 applies to
*all* LDAP DNs - it's a consequence of the string representation. It is
therefore not possible to tell if the encoding of an AVA is T.61 or not.
Conversion to UTF-8 is probably the only way to make it unambiguous.

> -----Original Message-----
> From: Chris Ridd [SMTP:[EMAIL PROTECTED]]
> Sent: Friday, 5 November 1999 19:34
> To:   [EMAIL PROTECTED]
> Cc:   [EMAIL PROTECTED]
> Subject:      Re: DN formats 
> 
> On 03 Nov 1999 20:04:07 EST, William M. Perry wrote:
> > "Ramsay, Ron" <[EMAIL PROTECTED]> writes:
> > 
> > > I don't have an opinion on producing LDAP DNs but I think you should
> use
> > > the v3 form (RFC 2253) rather than the v2 form.
> > 
> > Well, 1485 is obsoleted by 1779, which is then in turn obsoleted by
> 2253.
> > I'd say go with the least obsolete format, which seems to be 2253, which
> is
> > useful outside of LDAP.
> > 
> > -Bill P.
> 
> Yes, I considered RFC 2253. The problem with this is that all the 
> attribute values will need to be converted into UTF-8.
> 
> The problem with that is two-fold:
> 
> 1) Converting T.61 into Unicode is non-trivial;
> 2) Useful type information is lost, ie was the value 
> PrintableString/T.61/etc. See RFC 2253 section 7.2 for some discussion 
> on this, and why this is a problem.
> 
> I think the conversion problem is the worst problem. To avoid problem 2 
> the string DN could have the hex form, however that wouldn't make it 
> IMO a very useful string.
> 
> We'd also potentially run into the problem with some vendors assuming 
> that T.61 doesn't actually mean T.61, it means ISO-8859-1. So 
> converting these bogus "T.61" values would produce UTF-8 with bogus 
> characters.
> 
> Sticking with RFC 1779 means problem 1 goes away, but a third problem 
> appears:
> 
> 2) BMPString/UniversalString values can't be represented.
> 
> There appear to be some changes in the CVS repository to move towards 
> supporting the BMPString choice of DirectoryString.
> 
> Cheers,
> 
> Chris
> 
> ______________________________________________________________________
> OpenSSL Project                                 http://www.openssl.org
> Development Mailing List                       [EMAIL PROTECTED]
> Automated List Manager                           [EMAIL PROTECTED]
______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
Development Mailing List                       [EMAIL PROTECTED]
Automated List Manager                           [EMAIL PROTECTED]

Reply via email to