Hoyt>looking at the octets resulting from the encoding, order the
components from low to high (rule e).
John>(NOTE: this means that length - typically - will play an important
part !)
I certainly hope that you are both wrong, although that is just screwy
enuf to be the correct interpretation.
We are building a system with ASN.1 Distinguished Names, now it seems
that you guys are telling me that is impossible without encoding the
types and values. But we don't necessarily want to encode the types and
values prior to establishing the the DN's. That is, we want the DN's to
be independent of ANY ENCODING. That is possible with all other rules,
if this rule violates the separation of ASN.1 from the encoding, it
seems to me that you cannot say that DN's are represented in ASN.1, but
only in DER. Add to that the fact the "DER" is, in fact, defined in no
one place, but scattered over a variety of "recommendations" and you get
a rather untenable situation. Also, X.501 seems to imply the existence
of "Distinguished values" and "RDN's" independent of the encoding.
Here's my interpretation of x.509 section 8.7 para e.
"the components of a Set-of type shall be encoded in ascending order of
their octet value:"
Since the sequence of words is "encoded in ascending order"; that
implies to me that the ascending order is established prior to the
encoding. Therefore the ascending order is in the octet value of the
AttributeType. We intend to use this interpretation until we are shown
that it is incorrect.
Peace ..Tom Jones