On Sep 2, 2010, at 11:16 AM, Michael Ströder wrote: > Kurt Zeilenga wrote: >> Use of IA5 in X.500/LDAP directory services should be avoided. In general, >> one should use DirectoryString. > > I somewhat disagree. I think one should use the string type which matches the > particular requirement - not more.
First, for descriptive text, I note that the IETF did state in BCP 118: LDAP is designed to support the full Unicode [Unicode] repertory of characters. Extensions SHOULD avoid unnecessarily restricting applications to subsets of Unicode (e.g., Basic Multilingual Plane, ISO 8859-1, ASCII, Printable String). But here we're actually not talking about descriptive text but text which mets a particular (application's) requirement, such as an application identifier. In this content, I note is generally no string type that would match a particular (application's) requirement for a string. For instance, in the application uses discussed here, are control characters allowed? is NUL (0x00) allowed? Likely not. But they are allowed by the string types (both DirectoryString and IA5String). So one generally ends up having deal with characters which are allowed by the string type but not by the (application's) requirement no matter what. And it should also be noted that the choice of type is often tied to suitability and availability matching rules. As noted in this thread, the full range of matching found with DirectoryString is not generally available for IA5String. (Of course, many applications will have matching requirements which don't align well with the available matching rules.) But note that I am speaking in generalities, offering a general recommendation. They may be a particular case where a good argument could be for use of IA5 string in a new attribute. -- Kurt
