[Top] [All Lists]

RE: More on KEKIdentifiers, and a suggested addition to CMS

1999-03-12 04:59:51

I agree in general with what you propose.  I understand the benefit of using an 
OCTET STRING to ensure easy decoding for recipients that do not understand the 
syntax of the data associated with keyTypeIdentifier.  However, I believe that 
a true ANY would be better than an OCTET STRING in this case.

Applications that support CMS already have to deal with a lot of ANY's, so one 
more is not going to add much complexity.  Also, using an ANY rather than an 
OCTET STRING allows for a single pass decode process, which an embedded OCTET 
STRING encoding does not.

The amended part of your syntax would be:

ExternalyDefinedKeyAgreement :: = SEQUENCE {
    keyTypeIdentifier OBJECT IDENTIFIER,
    keyTypeInfo ANY DEFINED BY keyTypeIdentifier }



Darren Harter BSc (Hons) CEng MBCS
Entegrity Solutions Corp
+44 (0) 1452 371383
Email: mailto:darren(_at_)sapher(_dot_)com

<Prev in Thread] Current Thread [Next in Thread>