Re: [pkix] [apps-discuss] character repertoire for fragment identifiers

Sam Ruby <rubys@intertwingly.net> Mon, 12 January 2015 02:24 UTC


On 01/11/2015 05:44 PM, Sean Leonard wrote:
> On 1/11/2015 2:24 PM, Sam Ruby wrote:
>>
>> The next question is: are all possible URIs valid GeneralNames?
>>
>> Here are two examples:
>>
>> data:image/gif;base64,R0lGODlhyAAiALM...DfD0QAADs=
>
> Yes. Use case: Certificate Image. RFC 6170 (previously RFC 3709).
>
>> https://www.ietf.org/#related
>
> Yes. Use case: Certification Practice Statement (CPS) Pointer
> (Certificate Policies, id-qt-cps). Section 4.2.1.4 of RFC 5280. I have
> seen fragments in there in the wild.
>
> Both examples are valid.
>
> Note: the examples I provide here are actually examples where the URIs
> are encoded directly in IA5Strings; there is no GeneralName CHOICE. But
> the premise still stands. Others with PKIX experience can point to
> systems/protocols where uniformResourceIdentifier is in use with the
> appropriate.
>
> One offhand example that I was able to find, via a Google search, is the
> GS1 Certificate Profile Standard v2.0
> <http://www.gs1.org/gsmp/kc/epcglobal/cert/cert_2_0-standard-20100610.pdf>.
> That happens to use GeneralName. It's a bit elliptical, and refers to
> RFC 4043 (which I rarely see), but...it's there.

Thanks!  This input is helpful.  I don't see where it clearly states 
that fragments are allowed, but then again, I don't see where it says 
that they would be disallowed.  That coupled with your statement that 
you have seen them in practice (however rare) is valuable input.

> Sean

- Sam Ruby
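
As an added illustration (not part of the original message or of any PKIX implementation), the sketch below DER-encodes a URI as the GeneralName alternative uniformResourceIdentifier, `[6] IMPLICIT IA5String`, after applying a subset of the syntactic rules RFC 5280 section 4.2.1.6 places on that field. The function names and the `data:` payload are assumptions made for the example; nothing in the encoding treats a fragment or a `data:` scheme specially.

```python
from urllib.parse import urlsplit

URI_TAG = 0x86  # context-specific, primitive, tag 6: uniformResourceIdentifier

# First URI is the one quoted in the thread; the data: payload is constructed
# filler (the thread's own data: URI is elided and is not reproduced here).
CPS_URI = "https://www.ietf.org/#related"
DATA_URI = "data:image/gif;base64," + "A" * 200

def der_length(n: int) -> bytes:
    """DER definite length: short form below 128, long form otherwise."""
    if n < 0x80:
        return bytes([n])
    body = n.to_bytes((n.bit_length() + 7) // 8, "big")
    return bytes([0x80 | len(body)]) + body

def check_uri(uri: str) -> list:
    """List reasons a string fails a subset of the RFC 5280 4.2.1.6 URI rules."""
    problems = []
    if not uri.isascii():
        problems.append("not an IA5String: non-ASCII character")
    if any(c <= " " or c == "\x7f" for c in uri):
        problems.append("space or control character")
    try:
        parts = urlsplit(uri)
    except ValueError as exc:
        return problems + ["unparsable: %s" % exc]
    if not parts.scheme:
        problems.append("relative reference: no scheme")
    elif not (parts.netloc or parts.path or parts.query):
        problems.append("no scheme-specific part")
    if parts.netloc and not parts.hostname:
        problems.append("authority without a host")
    return problems

def encode_uri_general_name(uri: str) -> bytes:
    """DER-encode uri as GeneralName [6] IMPLICIT IA5String, or raise ValueError."""
    problems = check_uri(uri)
    if problems:
        raise ValueError("; ".join(problems))
    value = uri.encode("ascii")
    return bytes([URI_TAG]) + der_length(len(value)) + value

if __name__ == "__main__":
    for uri in (CPS_URI, DATA_URI, "#related"):
        print(uri[:40], check_uri(uri) or encode_uri_general_name(uri)[:4].hex())
```

Both thread-style URIs encode cleanly, while a bare fragment reference such as `#related` is rejected only because it has no scheme.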