[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Hash values in OCSP

To: <ietf-pkix@xxxxxxx>
Subject: Hash values in OCSP
From: mars@xxxxxxxxxxxxxx (Miguel Angel Rodriguez)
Date: Wed, 16 Jan 2002 17:46:49 -0600
Importance: Normal
List-archive: <http://www.imc.org/ietf-pkix/mail-archive/>
List-id: <ietf-pkix.imc.org>
List-id: <ietf-pkix.imc.org>
List-unsubscribe: <mailto:ietf-pkix-request@imc.org?body=unsubscribe>
Reply-to: <mars@xxxxxxxxxxxxxx>
Sender: owner-ietf-pkix@xxxxxxxxxxxx

I request your help in the following issues regarding RFC 2560:

1. The IssuerNameHash has to be calculated using the DER encoding of the
issuer's name field EXACTLY as it appears in the target certificate (the one
being checked with OCSP)? Or is there a standard regarding the order of the
SETs in the RDN components?

2. The IssuerKeyHash value must be calculated excluding tag and length of
the DER encoding
of the subject public key field in the issuer's certificate. Since it is
encoded as a BIT STRING, are we required to include the first contents octet
(AKA the number of unused bits) in the input to the hash function?

Thanks, best regards,

Miguel A. Rodriguez
Software Engineer
SeguriDATA
Mexico

Follow-Ups:
- Re: Hash values in OCSP
  - From: Rich Salz

Prev by Date: Re: Cautionary Period Straw Poll
Next by Date: Re: OCSP RFC and OCSP version 2 ID
Previous by thread: TSP interop update
Next by thread: Re: Hash values in OCSP
Index(es):
- Date
- Thread