[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: encoding an X.509 certificate
Tom Scavo wrote:
> On Thu, Nov 6, 2008 at 2:02 PM, Anders Rundgren
> <anders.rundgren@xxxxxxxxx> wrote:
>> It was fascinating to hear about a debate starting 7 years after the specification became finalized!
>
> A significant observation, surely.
>
>> I can't really tell based on the XML Dsig but it appears that the interpretation is DER
>> http://java.sun.com/j2se/1.5.0/docs/api/java/security/cert/Certificate.html#getEncoded()
>> since this is the only decoding available, in at least in standard Java.
>
> Good point.
>
>> Presumably other decodings are incompatible with existing libraries as well.
>
> That is one thing I'm trying to find out, yes.
Obviously the signature will only verify if it is DER encoded. So,
there's generally not much point in supporting other encodings.
>> I would call this a de-facto standard for XML.
>
> Thanks,
> Tom
>
>
--
http://www.apache-ssl.org/ben.html http://www.links.org/
"There is no limit to what a man can do or how far he can go if he
doesn't mind who gets the credit." - Robert Woodruff