0009528: 4.2 URIs: OpenSSL bug makes Tag URIs invalid as ApplicationUris

ID	Project	Category	View Status	Date Submitted	Last Update

0009528	10000-003: Address Space	Spec	public	2024-04-24 21:34	2024-05-05 10:58

Reporter	Randy Armstrong	Assigned To
Priority	immediate	Severity	major	Reproducibility	always
Status	new	Resolution	open
Product Version	1.05.04 RC1
Target Version	1.05.04 RC1

Summary	0009528: 4.2 URIs: OpenSSL bug makes Tag URIs invalid as ApplicationUris
Description	The OpenSSL specification thinks the URI in a x509 has to be a valid URL and cannot deal with comma in the tag URI syntax. We need to prohibit tag URIs as ApplicationUris or remove Tag URIs from the spec. https://reference.opcfoundation.org/Core/Part3/v105/docs/4.2
Tags	No tags attached.

Commit Version
Fix Due Date

Randy Armstrong 2024-04-25 17:18 administrator ~0021155	OpenSSL provides an API where the elements of the SAN can be passed one at a time and this API works fine in preserving the comma in the URI.

Matthias Damm 2024-05-05 10:58 developer ~0021159	The definition in Part 3 conflicts with the definition in Part 6 Part 6 6.2.2 Application Instance Certificate Table 36 – Application Instance Certificate subjectAltName The alternate names for the application Instance. Shall include a uniformResourceIdentifier which is equal to the applicationUri. The URI shall be a valid URL (see RFC 3986) or a valid URN (see RFC 8141).

Date Modified	Username	Field
2024-04-24 21:34	Randy Armstrong	New Issue
2024-04-25 17:18	Randy Armstrong	Note Added: 0021155
2024-05-05 10:58	Matthias Damm	Note Added: 0021159