I agree, the version is not adding any value. It should be removed.
Russ
At 04:11 PM 5/22/98 -0400, John Pawling wrote:
All,
In March, Darren Harter correctly pointed out a problem with the
ESSSecurityLabel syntax (see attached snip of Darren's msg). The version
number was added to ESSSecurityLabel as an indicator that the syntax is
different than the X.411 securityLabel syntax (i.e. when privacyMark
UTF8String CHOICE is present). Darren correctly pointed out that when the
ESSSecurityLabel SET is DER encoded, then the version number will appear
after the majority of the fields in the ESSSecurityLabel. I propose that
the version component should be deleted from the ESSSecurityLabel syntax
because it does not serve a useful purpose because it is not the first field
to appear in the DER-encoded ESSSecurityLabel. The id-aa-securityLabel OID
identifies the ESSSecurityLabel syntax when it is used in an authenticated
attribute. If the ESSSecurityLabel syntax is changed after ESS becomes
stable, then a new OID can be assigned to indicate the changed syntax.
================================
John Pawling, jsp(_at_)jgvandyke(_dot_)com
J.G. Van Dyke & Associates, Inc.
www.jgvandyke.com
================================
Darren Harter wrote:
John,
There is a further flaw in the scheme. Because the ESSSecurityLabel is a
SET, it will be sorted when DER is used.
This means that the set elements will appear in the following order in
the DER encoding:

When Printable String Used - v1
  Classification - tag 0x02
  PolicyId - tag 0x06
  Privacy - tag 0x13
  Categories - tag 0x30

When UTF8 String Used - v2
  Classification - tag 0x02
  PolicyId - tag 0x06
  Categories - tag 0x30
  Version - 0x80
  Privacy - tag 0x81
<snip>
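
The ordering described for the v2 case, as an added illustration that is not part of the original thread: a minimal DER SET encoder sorts components by tag class and tag number, then walks the result to show where the version field lands. Tag bytes are those in the v2 list above; the values and helper names are constructed for this example.

```python
# Added illustration. Tag bytes come from the v2 list in the message above;
# all values are constructed placeholders.

def tlv(tag: int, value: bytes) -> bytes:
    """One DER TLV with a single-byte tag and short-form length."""
    if len(value) > 127:
        raise ValueError("example handles short-form lengths only")
    return bytes([tag, len(value)]) + value

def canonical_key(element: bytes):
    """DER SET order: tag class first (universal < application <
    context-specific < private), then tag number."""
    return (element[0] >> 6, element[0] & 0x1F)

def der_set(components) -> bytes:
    """Encode a SET: components sorted by tag, wrapped in tag 0x31."""
    return tlv(0x31, b"".join(sorted(components, key=canonical_key)))

def walk(der: bytes):
    """Return (offset, tag) for each component of a DER SET, in encoded order."""
    if der[0] != 0x31:
        raise ValueError("not a SET")
    pos, end, out = 2, 2 + der[1], []
    while pos < end:
        out.append((pos, der[pos]))
        pos += 2 + der[pos + 1]
    return out

def offset_of(der: bytes, tag: int) -> int:
    """Byte offset at which a decoder first sees the given tag."""
    return next(off for off, t in walk(der) if t == tag)

# Components in declaration order, version first (constructed values).
V2_LABEL = [
    tlv(0x80, b"\x02"),                  # version [0]
    tlv(0x06, bytes.fromhex("2a0304")),  # policy identifier (OID 1.2.3.4)
    tlv(0x02, b"\x01"),                  # classification
    tlv(0x81, "MARK".encode("utf-8")),   # privacy mark, UTF8String choice
    tlv(0x30, b""),                      # categories (empty placeholder)
]

if __name__ == "__main__":
    encoded = der_set(V2_LABEL)
    print([hex(t) for _, t in walk(encoded)])
    print("version starts at byte", offset_of(encoded, 0x80))
```

Although the version is supplied first, a decoder reading the DER output has to pass the classification, policy identifier and categories before it reaches the version tag.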