ietf-smime

Re: I-D ACTION:draft-ietf-smime-escertid-00.txt

2006-03-30 10:08:40

No it isn't, you've lost the 'OPTIONAL' on issuerSerial, making it non-
backwards-compatible.  If you want it to have the properties you claim it has,
you'd need:

ESSCertIDv2 ::= SEQUENCE {
    certHash         Hash,
    issuerSerial     IssuerSerial OPTIONAL,
    hashAlgorithm    AlgorithmIdentifier DEFAULT { sha-1 }
}

Well passing through those structures caught my attention.

Aren't they ambiguous and could possibly be rejected by ASN1 compilers
or parsers?

My reason being that the presence of DEFAULT/OPTIONAL fields is decided
by the tag, and IssuerSerial and AlgorithmIdentifier both have a
SEQUENCE tag.

Steve.
Something like;

ESSCertIDv2 ::= SEQUENCE {
   certHash         Hash,
   issuerSerial     IssuerSerial OPTIONAL,
   hashAlgorithm    [0] AlgorithmIdentifier DEFAULT { { algorithm sha-1, parameters NULL} }
}

--
To verify the signature, see http://edelpki.edelweb.fr/ This lets you load the authority's certificate; you will also find the list of revoked certificates there.

Attachment: smime.p7s
Description: S/MIME Cryptographic Signature
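
The tag clash raised in the reply above, as an added example that is not part of the original messages: it DER-encodes the proposed ESSCertIDv2 with only one of the two optional components present and lists the identifier octets a tag-driven decoder would see, with and without the [0] tag. The hash, issuer name and serial number are constructed sample values, and SHA-256 stands in for a non-default hashAlgorithm (assumptions of this example).

```python
# Added illustration (not from the thread). Minimal DER helpers.
def tlv(tag, body):
    assert len(body) < 0x80          # short-form lengths suffice for the samples
    return bytes([tag, len(body)]) + body

def read(buf, pos):
    """Return (tag, content, next_pos) for the TLV starting at pos."""
    tag, n, pos = buf[pos], buf[pos + 1], pos + 2
    if n & 0x80:                     # long-form length
        k = n & 0x7F
        n, pos = int.from_bytes(buf[pos:pos + k], "big"), pos + k
    if pos + n > len(buf):
        raise ValueError("truncated TLV")
    return tag, buf[pos:pos + n], pos + n

def child_tags(der):
    """Identifier octets of the components inside an outer SEQUENCE."""
    tag, body, _ = read(der, 0)
    if tag != 0x30:
        raise ValueError("not a SEQUENCE")
    tags, pos = [], 0
    while pos < len(body):
        t, _, pos = read(body, pos)
        tags.append(t)
    return tags

def classify(der, alg_tag):
    """For each component after certHash, list the fields whose tag matches."""
    fields = (("issuerSerial", 0x30), ("hashAlgorithm", alg_tag))
    return ["/".join(name for name, want in fields if want == t) or "unknown"
            for t in child_tags(der)[1:]]

# Constructed sample values.
CERT_HASH = tlv(0x04, bytes(32))                              # placeholder digest
ISSUER_SERIAL = tlv(0x30, tlv(0x30, tlv(0x82, b"ca.example")) # GeneralNames
                          + tlv(0x02, b"\x01"))                # serialNumber
SHA256_ALG = tlv(0x30, tlv(0x06, bytes.fromhex("608648016503040201")))

WITH_ISSUER = tlv(0x30, CERT_HASH + ISSUER_SERIAL)
WITH_ALG = tlv(0x30, CERT_HASH + SHA256_ALG)
# [0] tagging: identifier octet becomes 0xA0 (built here as IMPLICIT).
WITH_ALG_TAGGED = tlv(0x30, CERT_HASH + b"\xa0" + SHA256_ALG[1:])

if __name__ == "__main__":
    for label, der, alg_tag in (("issuerSerial only, untagged", WITH_ISSUER, 0x30),
                                ("hashAlgorithm only, untagged", WITH_ALG, 0x30),
                                ("hashAlgorithm only, [0]", WITH_ALG_TAGGED, 0xA0)):
        print(label, [hex(t) for t in child_tags(der)], classify(der, alg_tag))
```

Under EXPLICIT tagging the [0] component would wrap the SEQUENCE instead of replacing its tag, but the first identifier octet is 0xA0 either way, which is what the decoder keys on.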