Peter Sylvester <Peter(_dot_)Sylvester(_at_)edelweb(_dot_)fr> writes:
ESSCertIDv2 ::= SEQUENCE {
certHash Hash,
issuerSerial IssuerSerial OPTIONAL,
hashAlgorithm [0] AlgorithmIdentifier DEFAULT { { algorithm sha-1,
parameters NULL} }
It'd be easier to just go with Russ' suggestion of:
ESSCertIDv2 ::= SEQUENCE {
hashAlgorithm AlgorithmIdentifier DEFAULT { { algorithm sha-1,
parameters NULL} }
certHash Hash,
issuerSerial IssuerSerial OPTIONAL
}
See my earlier message on why this won't present any backwards-compatibility
problems with the original ESSCertID.
Peter.