> The encoding rules in X.208 state that the SEQUENCE OF
> construct may be encoded with zero entries, i.e., a zero length
> sequence of whatever. So, if we wanted to have that encoding (a zero
> length sequence) represent a CRL with no entries, there would have
> been no need to mark the SEQUENCE OF CRLEntry as OPTIONAL. Since we
> did mark this as OPTIONAL, I argue that a zero length sequence is not
> the preferred encoding, although it might be a "legal" encoding
> without the larger context presented by the RFC.
>
> In general, if any sort of ASN.1 construct is marked OPTIONAL,
> I believe that the right encoding for it the omission of the
> construct. If there might be ambiguity in encoded data elements
> caused by omission of an OPTIONAL element, then the overall data
> structure is, I think, ill formed. So I cannot be enthuiastic about
> the encoding approach you adopted, in which a NULL placeholder is
> encoded.
>
Steve,
Thanks for helping to clear this up. I note for completeness that the
DER's say, "if the value of a type is its default value, it shall
be absent." I infer from this that what has been decided is that
a null certificateList shall be the default (and is therefore omitted).
I will make the appropriate changes.
Paul
---------------------------------
Paul Clark
Trusted Information Systems, Inc.
3060 Washington Road
Glenwood, MD 21738
E-Mail: paul(_at_)tis(_dot_)com
Phone: 301.854.6889
FAX: 301.854.5363
---------------------------------