I agree that X.509 is incomplete, rather than (or in addition to)
being ambiguous. Of course, the proper place to discuss padding and
other such issues would be an algorithm-specific standard or
specification of some type (like RFC 1115 or PKCS #1 or IS 9796).
Of course, this does require the algorithm-specific standard. We
went through this particular exercise at the NIST OSI Implementors
Workshop (X.400 SIG) last year when doing recommended practices for
secure messaging. To illustrate the confusion, if left to their own
devices, about half of the attendees would left-justify the digest in
the signature block, half would right-justify and zero pad, and one
claimed that, since the standards didn't REQUIRE padding, you didn't
have to do it (Parkinson's Law applied to cryptography, I guess).
Needless to say, this doesn't bode well for interoperability.
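
The three conventions described in the message above, worked through as an added example (not part of the original post). Assumptions: a toy RSA key built from two Mersenne primes, SHA-256 standing in for the digest algorithm, the verifier comparing recovered and expected blocks as integers, and all function names hypothetical.

```python
import hashlib

# Constructed toy key (assumption): product of the Mersenne primes
# 2^521-1 and 2^607-1. Illustration only, not a usable key.
P, Q, E = 2**521 - 1, 2**607 - 1, 65537
N = P * Q
D = pow(E, -1, (P - 1) * (Q - 1))
K = (N.bit_length() + 7) // 8          # signature block length in bytes

LAYOUTS = ("left", "right", "none")


def encode(digest: bytes, layout: str) -> bytes:
    """Place the digest in the signature block per one convention."""
    pad = b"\x00" * (K - len(digest))
    if layout == "left":               # left-justify, zeros trail
        return digest + pad
    if layout == "right":              # right-justify, zero pad in front
        return pad + digest
    if layout == "none":               # "the standard doesn't require padding"
        return digest
    raise ValueError(f"unknown layout: {layout}")


def sign(message: bytes, layout: str) -> int:
    block = encode(hashlib.sha256(message).digest(), layout)
    return pow(int.from_bytes(block, "big"), D, N)


def verify(message: bytes, signature: int, layout: str) -> bool:
    """Verifier rebuilds the block under ITS convention and compares."""
    expected = encode(hashlib.sha256(message).digest(), layout)
    return pow(signature, E, N) == int.from_bytes(expected, "big")


def interop_matrix(message: bytes = b"constructed sample message") -> dict:
    """Map (signer layout, verifier layout) -> whether verification passes."""
    return {
        (s, v): verify(message, sign(message, s), v)
        for s in LAYOUTS
        for v in LAYOUTS
    }


if __name__ == "__main__":
    for (s, v), ok in interop_matrix().items():
        print(f"signer={s:5} verifier={v:5} -> {'ok' if ok else 'FAIL'}")
```

Right-justified zero-padded and unpadded blocks encode the same integer, so those two camps verify each other's signatures in this model, while the left-justified camp interoperates with neither.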