ietf-smime
[Top] [All Lists]

Comment on ESS-09

1998-12-10 10:30:57
I am not sure if there is any plan to change this for version 10 of ESS or
it was/will be discussed in Orlando, but I just though that the
identification of certificates in Section 5.4.1 for the Signing Certificate
Attribute Definition should be more flexible and not necessarily be bound
for ever to SHA1. I however agree that SHA1 should be the default digest
algorithm at this point. Instead I suggest that it could read as follows:

ESSCertID ::=  SEQUENCE {
     certHash                 CertHash,
     issuerSerial             IssuerSerial OPTIONAL
}

CertHash ::=  SEQUENCE {
     digestAlgorithm          DigestAlgorithmIdentifier,
     digest                   Digest
}

Digest ::= OCTET STRING -- hash of entire certificate

Francois Rousseau
AEPOS Technologies

<Prev in Thread] Current Thread [Next in Thread>