[Top] [All Lists]

Re: flexibility of the ESSCertID field

2005-11-09 09:00:45

   ESSCertIDv2 ::=  SEQUENCE {
        hashAlgorithm AlgorithmIdentifier DEFAULT id-sha1,
        certHash Hash,
        issuerSerial  IssuerSerial OPTIONAL

I prefer this approach because it is always fewer octets, and it generates
the same ESSCertID output when SHA-1 is used.

Adding new field at the end may be better for ASN.1 parsing

        certHash Hash,
issuerSerial IssuerSerial OPTIONAL, hashAlgorithm [0] AlgorithmIdentifier DEFAULT { algorithm id-sha1 } }

To verify the signature, see Cela vous permet de charger le certificat de l'autorité; die Liste mit zurückgerufenen Zertifikaten finden Sie da auch.

Attachment: smime.p7s
Description: S/MIME Cryptographic Signature