ietf-smime
[Top] [All Lists]

Re: Tag type for rfc822name

1998-02-03 07:58:57
From: Nilsson Hans <HNN(_at_)ausys(_dot_)se>

The question is: Should it use IMPLICIT or EXPLICIT tags?
Below are two extracts from PKIX-1, which uses IMLICIT in one example
and EXPLICIT in another. 

Which way has it been implemented in existing S/MIME products? Can they
handle both IMPLICIT and EXPLICIT coding of rfc822Name?

There can be only one correct encoding, otherwise DER would not be unique.


Here are the examples from PKIX-1:
------------------------ IMPLICIT TAG:
------------------------------------------
0606 a3 1d         29: . . [3]
0608 30 1b         27: . . . SEQUENCE
0610 30 19         25: . . . . SEQUENCE
0612 06 03          3: . . . . . OID 2.5.29.17: subjectAltName
0617 04 12         18: . . . . . OCTET STRING
                     : 30 10 81 0e 77 70 6f 6c 6b 40 6e 69 73 74 2e 67
                     : 6f 76

0000 30 10         16: SEQUENCE
0002 81 0e         14: . [1]
                     : 77 70 6f 6c 6b 40 6e 69 73 74 2e 67 6f 76
Note: This subjectAltName data is IMPLICIT TAGS - is that correct? (this
note is taken from PKIX-1!)


When I wrote that note in PKIX-1, I intended to call attention to the
fact that there appeared to be an error in the software that generated
that example.  I wasn't confident enough to phrase it as a definite
statement that THIS EXAMPLE IS WRONG, but intended to warn developers
that there might be a problem.

I am confident now that GeneralName must be encoded using EXPLICIT TAGS,
and that the above example is indeed incorrect.  


I have consulted different experts and of course received different
reponses:

Response A:
    [must be IMPLICIT]

Response B:
    [must be EXPLICIT]

Response C:
    [rfc822Name is IMPLICIT but directoryName is EXPLICIT]


Wow, that response C is really creative!  I like it :-).

But I still hope that ASN.1 experts will step forward to confirm that
Response B is the correct one.

<Prev in Thread] Current Thread [Next in Thread>