ietf-smime

Re: Comment on ESS and Privacy Marks

1998-03-27 01:34:41
The problem with the current proposal is not only on origination, but on
reception. An implementation which understands the X.411 label will expect
printable string and not expect UTF-8, so what does it do if the UTF-8
string contains extended characters? It may try to display them as printable
characters, or it may not.

I agree with Chris that a more elegant solution to this problem would be to
define a security category to convey the enhanced string value. This offers
a fully flexible solution which uses the valid extension mechanism provided
by the X.411 label.

John Ross


-----Original Message-----
From: Paul Hoffman / IMC <phoffman(_at_)imc(_dot_)org>
To: ietf-smime(_at_)imc(_dot_)org <ietf-smime(_at_)imc(_dot_)org>
Date: Thursday, March 26, 1998 9:51 AM
Subject: Re: Comment on ESS and Privacy Marks


At 11:09 AM 3/26/98 -0500, Bonatti, Chris wrote:
I think that expanded character sets are generally useful, but you need to
recognize that you're not necessarily working from a blank slate.  The label
in the previous ESS draft was aligned with the X.411 security label.  This
label structure has gained a fair amount of acceptance, and is used in a
number of areas including X.500, and non-OSI systems.  I was pleased to see
it appear in ESS.  Changing the privacy-mark field makes the ESS label
incompatible with the existing X.411 security label structure.  Using an
alternate encoding or character set for the existing field is certain to
impact existing implementations that provide and consume security labels.

If the MUA creating the privacy mark wants to be compliant with X.411, it
can: it chooses the pString value in ESSPrivacyMark. If it wants to have
its mark use characters outside the PrintableString charset (for
instance, if the mark needs to include a non-ASCII text character or if the
sender wants to include an Internet mail address in the privacy mark), it
uses the utf8String value. The current label is *not* incompatible with
X.411; one of the two choices is. It is quite easy to create
X.411-compatible privacy labels if what you want to say in the label
doesn't need any characters outside the PrintableString charset.

--Paul Hoffman, Director
--Internet Mail Consortium
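
The pString/utf8String choice discussed in this thread, shown as an added example (not code from any participant or from the ESS draft): an originator that emits pString whenever the mark fits the PrintableString repertoire, and a recipient that dispatches on the DER tag instead of rendering UTF-8 bytes as printable characters. The function names and the `utf8_ok` switch, which models an X.411-only recipient, are assumptions made for illustration.

```python
# Added example (not from the thread): DER for the two ESSPrivacyMark alternatives.
PRINTABLE = set("ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz"
                "0123456789 '()+,-./:=?")  # PrintableString repertoire
TAG_PRINTABLE, TAG_UTF8 = 0x13, 0x0C  # universal tags 19 and 12


def _der_len(n):
    """DER definite length: short form below 128, long form otherwise."""
    if n < 0x80:
        return bytes([n])
    raw = n.to_bytes((n.bit_length() + 7) // 8, "big")
    return bytes([0x80 | len(raw)]) + raw


def encode_privacy_mark(mark):
    """Originator: pString when every character fits, else utf8String."""
    if not mark:
        raise ValueError("privacy mark must not be empty")
    if set(mark) <= PRINTABLE:
        tag, body = TAG_PRINTABLE, mark.encode("ascii")
    else:
        tag, body = TAG_UTF8, mark.encode("utf-8")
    return bytes([tag]) + _der_len(len(body)) + body


def decode_privacy_mark(der, utf8_ok=True):
    """Recipient: dispatch on the tag; never render one type as the other."""
    if len(der) < 2:
        raise ValueError("truncated privacy mark")
    tag, first = der[0], der[1]
    if first < 0x80:
        length, off = first, 2
    else:
        n = first & 0x7F
        if n == 0 or len(der) < 2 + n:
            raise ValueError("bad length octets")
        length, off = int.from_bytes(der[2:2 + n], "big"), 2 + n
    body = der[off:]
    if length == 0 or len(body) != length:
        raise ValueError("length does not match content")
    if tag == TAG_PRINTABLE:
        text = body.decode("ascii")  # bytes >= 0x80 raise here
        if not set(text) <= PRINTABLE:
            raise ValueError("character outside PrintableString repertoire")
        return "pString", text
    if tag == TAG_UTF8 and utf8_ok:
        return "utf8String", body.decode("utf-8")  # strict decoding
    raise ValueError("unsupported privacy mark alternative, tag 0x%02x" % tag)
```

A recipient called with `utf8_ok=False` rejects a utf8String mark outright, which is the reception-side case raised in the reply above.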

