RE: [TLS] Review of draft-housley-tls-authz-extns-05

"Hollenbeck, Scott" <shollenbeck@verisign.com> Mon, 05 June 2006 11:01 UTC

Received: from [127.0.0.1] (helo=stiedprmman1.va.neustar.com) by megatron.ietf.org with esmtp (Exim 4.43) id 1FnCqM-0003Ft-In; Mon, 05 Jun 2006 07:01:58 -0400
Received: from [10.91.34.44] (helo=ietf-mx.ietf.org) by megatron.ietf.org with esmtp (Exim 4.43) id 1FnCqL-0003Fn-4S for tls@ietf.org; Mon, 05 Jun 2006 07:01:57 -0400
Received: from osprey.verisign.com ([216.168.239.75]) by ietf-mx.ietf.org with esmtp (Exim 4.43) id 1FnCqJ-0006Y7-RL for tls@ietf.org; Mon, 05 Jun 2006 07:01:57 -0400
Received: from dul1wnexcn03.vcorp.ad.vrsn.com (dul1wnexcn03.vcorp.ad.vrsn.com [10.170.12.113]) by osprey.verisign.com (8.13.6/8.13.4) with ESMTP id k55B4gJC023820; Mon, 5 Jun 2006 07:04:55 -0400
Received: from dul1wnexmb01.vcorp.ad.vrsn.com ([10.170.12.134]) by dul1wnexcn03.vcorp.ad.vrsn.com with Microsoft SMTPSVC(6.0.3790.1830); Mon, 5 Jun 2006 07:01:21 -0400
X-MimeOLE: Produced By Microsoft Exchange V6.5
Content-class: urn:content-classes:message
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: quoted-printable
Subject: RE: [TLS] Review of draft-housley-tls-authz-extns-05
Date: Mon, 5 Jun 2006 07:01:22 -0400
Message-ID: <046F43A8D79C794FA4733814869CDF070152A5E0@dul1wnexmb01.vcorp.ad.vrsn.com>
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
Thread-Topic: [TLS] Review of draft-housley-tls-authz-extns-05
Thread-Index: AcaHNX30nUMsvvFoShSwXEL/SDYhlgBRkQuwAASzKAA=
From: "Hollenbeck, Scott" <shollenbeck@verisign.com>
To: <Pasi.Eronen@nokia.com>, <hartmans-ietf@mit.edu>
X-OriginalArrivalTime: 05 Jun 2006 11:01:21.0196 (UTC) FILETIME=[60C67EC0:01C6888F]
X-Spam-Score: 0.0 (/)
X-Scan-Signature: 7baded97d9887f7a0c7e8a33c2e3ea1b
Cc: mark@redphonesecurity.com, tls@ietf.org
X-BeenThere: tls@lists.ietf.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.lists.ietf.org>
List-Unsubscribe: <https://www1.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@lists.ietf.org?subject=unsubscribe>
List-Archive: <http://www1.ietf.org/pipermail/tls>
List-Post: <mailto:tls@lists.ietf.org>
List-Help: <mailto:tls-request@lists.ietf.org?subject=help>
List-Subscribe: <https://www1.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@lists.ietf.org?subject=subscribe>
Errors-To: tls-bounces@lists.ietf.org

> -----Original Message-----
> From: Pasi.Eronen@nokia.com [mailto:Pasi.Eronen@nokia.com] 
> Sent: Monday, June 05, 2006 5:00 AM
> To: hartmans-ietf@mit.edu
> Cc: mark@redphonesecurity.com; tls@ietf.org
> Subject: RE: [TLS] Review of draft-housley-tls-authz-extns-05
> 
> Sam Hartman wrote:
> 
> > p> We also need to specify the character-to-octet encoding (UTF-8
> > p> would be the most logical alternative).
> > 
> > It's my understanding that saying it is XML already gives us that:
> > mandatory UTF8 or UTF16 support at the encoder's option.
> 
> Yes, but the recipient has to know which encoding was used (others 
> than UTF8/UTF16 are permitted). 
> 
> In a complete XML document, the XML declaration usually contains 
> this information (e.g. "<?xml encoding='UTF-8'?>">, but currently
> the AuthorizationData contains just one Assertion element, not
> a complete document.
> 
> I'm not really an XML expert, but I think the options available
> to use would be including this information in the "transport"
> (e.g., specify it's UTF-8, or include a field for encoding name),
> or mandating that AuthorizationData has to include the XML text
> declaration before the Assertion element.
> 
> Any opinions from XML experts?

Section 5.1 of RFC 3470/BCP 70 includes relevant text.  In a nutshell,
UTF-8 is a MUST if you're using XML.  UTF-16 is recommended since you
get it for free with XML parsers, but it's not required.  An XML
declaration is not needed if you're using either UTF-8 or UTF-16.  A
byte order mark is required with UTF-16.  Other encodings are possible,
but if something else is used it must be identified with an appropriate
XML declaration.

-Scott-

_______________________________________________
TLS mailing list
TLS@lists.ietf.org
https://www1.ietf.org/mailman/listinfo/tls