RE: Using Signature Policy in RFC-5126

2008-07-03 22:09:15

"Pavel V. Smirnov" <spv(_at_)CryptoPro(_dot_)ru> writes:

Julien mentioned a point considered in Note 3: "Unless DER is used
throughout, it is recommended that the binary encoding of the ASN.1
structures being time-stamped be preserved when being archived to ensure
that the recalculation of the data hash is consistent".

Oh, I'm surprised this isn't the default for everything - are implementors 
really trying to decode and re-encode data and expecting the signature to 
still validate?  Doing this violates the primary encoding rule, "There is only 
one (re-)encoding mechanism and memcpy() is its name".
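
The point made in this message, as an added example that is not part of the original post: a constructed BER blob is decoded and re-emitted as DER, and the hash of the result no longer matches the hash of the archived bytes. The sample bytes and the helper names (`read_tlv`, `der_length`, `reencode_der`, `digest`) are assumptions made for illustration; the sketch handles single-byte tags and definite lengths only.

```python
import hashlib

# Constructed sample: SEQUENCE { INTEGER 5, BOOLEAN TRUE } in legal BER that is
# not DER (long-form length 0x81 0x06, TRUE encoded as 0x01 instead of 0xFF).
BER_SAMPLE = bytes.fromhex("308106020105010101")

def read_tlv(buf, pos=0):
    """Parse one definite-length TLV; return (tag, value, next_pos)."""
    tag, first = buf[pos], buf[pos + 1]
    pos += 2
    if first < 0x80:                       # short-form length
        length = first
    else:                                  # long form: low 7 bits = byte count
        n = first & 0x7F
        if n == 0:
            raise ValueError("indefinite length not handled in this sketch")
        length = int.from_bytes(buf[pos:pos + n], "big")
        pos += n
    value = buf[pos:pos + length]
    if len(value) != length:
        raise ValueError("truncated TLV")
    return tag, value, pos + length

def der_length(n):
    """Minimal (DER) length octets for a content length n."""
    if n < 0x80:
        return bytes([n])
    raw = n.to_bytes((n.bit_length() + 7) // 8, "big")
    return bytes([0x80 | len(raw)]) + raw

def reencode_der(buf):
    """Decode every TLV in buf and re-emit it under DER rules."""
    out, pos = b"", 0
    while pos < len(buf):
        tag, value, pos = read_tlv(buf, pos)
        if tag & 0x20:                     # constructed type: recurse into it
            value = reencode_der(value)
        elif tag == 0x01:                  # BOOLEAN: DER requires 0xFF for TRUE
            value = b"\x00" if value == b"\x00" else b"\xff"
        out += bytes([tag]) + der_length(len(value)) + value
    return out

def digest(data):
    return hashlib.sha256(data).hexdigest()

if __name__ == "__main__":
    print("archived bytes  :", BER_SAMPLE.hex(), digest(BER_SAMPLE)[:16])
    print("decode+re-encode:", reencode_der(BER_SAMPLE).hex(),
          digest(reencode_der(BER_SAMPLE))[:16])
```

Both byte strings decode to the same abstract value, so only a byte-for-byte copy of what was originally hashed reproduces the digest.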


