Thanks, Mark. It was right at the top of the page where I was looking,
and somehow I missed it.
The definition in the 14 February 1993 version of X.520
is slightly different:
DirectoryString { INTEGER : masSize } ::= CHOICE {
teletexString TeletexString (SIZE (1..maxSize)),
printableString PrintableString (SIZE (1..maxSize)),
universalString UNIVERSAL STRING (SIZE (1..maxSize)) }
(I have quoted this verbatim, but I would assume that UNIVERSAL STRING
should really be UniversalString.)
The same warning, "Some implementations of the Directory do not support
the last of these choices, and will not be able to generate,
match, or display attributes having such a syntax." is still present.
Unfortunately, I don't have a copy of X.208, and the person I would
normally ask is out with pneumonia. Do you know whether
TeletexString is a new name for T61String, and precisely what
characters are included? Likewise for PrintableString and UniversalString?
Perhaps Marshal Rose could comment on his understanding of what directory
implementations currently in the NADF pilot support UniversalString?
My understanding from Steve Dusse at RSA is that Apple was forced to use
a proprietary encoding that is similar to Unicode within their export versions
of
the Apple Open Collaboration Environment, because the Unicode standard
hadn't been completed.
I don't know the specifics of this encoding (nor of Unicode, for that matter),
but I understand that it was intended to support a wider variety of character
sets than say the T61 string, much less the IA5 alphabet.
The possible impact on PEM is that AOCE certificates might include this
proprietary string attribute, which neither PEM nor the Directories could
support.
I don't recall seeing anything in the PEM RFCs that specifies the character
string
attribute that is to be used in X.509 certificates. I hope that it wasn't
restricted to
PrintableString.
I am also unfamiliar with RFC 1522's encoding for non-ASCII character sets. What
does it say?
Thanks,
Bob