
Re: RFC3161 Timestamping AlgorithmIdentifiers



Rob,

> We are currently implementing an RFC3161-compliant timestamping server.
> Various timestamping clients that we have downloaded always encode the
> MessageImprint->hashAlgorithm AlgorithmIdentifier with the "parameters"
> field missing. Whilst I accept that X.509 and RFC3280 define the
> AlgorithmIdentifier "parameters" field as OPTIONAL,

 RFC 3280 defines AlgorithmIdentifier as:

 AlgorithmIdentifier  ::=  SEQUENCE  {
      algorithm               OBJECT IDENTIFIER,
      parameters              ANY DEFINED BY algorithm OPTIONAL  }
                                 -- contains a value of the type
                                 -- registered for use with the
                                 -- algorithm object identifier value

 RFC 3161 does not make any additional interpretation of it. The content of
 the field parameters is only and fully dependent upon the algorithm.

 Denis

> surely this definition is "overridden" by PKCS#1 and RFC3279.  RFC3279
> (section 2.2.1) states, for MD2/MD5/SHA-1 with RSA, that "the parameters
> component of that type SHALL be the ASN.1 type NULL".  RFC2119, of course,
> defines "SHALL" as "an absolute requirement of the specification". If we
> follow PKCS#1 and RFC3279, we appear to be incompatible with other
> timestamping clients/servers.
> 
> 1). Who is technically correct?
>
> 2). Regardless of who is technically correct, should our timestamping server
> allow "parameters" to be OPTIONAL or not (for MD2/MD5/SHA-1 with RSA) in
>
> a). the requests it receives?    
> b). the responses it generates? 
>
> Thanks in advance. 
>
> Rob Stradling
> Comodo Research Lab
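
The two encodings discussed in this thread, as an added example (not code from either poster or from any timestamping product): a small Python decoder that reports whether an AlgorithmIdentifier's "parameters" field is absent, an explicit NULL, or something else, so a server can log or apply policy on the distinction. SHA-1 (OID 1.3.14.3.2.26) is assumed as the sample hash algorithm, the byte strings are constructed, and the function names are hypothetical.

```python
# Added example: classify the "parameters" field of a DER AlgorithmIdentifier.
SHA1_OID = "1.3.14.3.2.26"  # id-sha1, assumed here as the sample hash algorithm

def read_tlv(buf, pos):
    """Return (tag, value, next_pos) for one single-byte-tag, definite-length TLV."""
    if pos + 2 > len(buf):
        raise ValueError("truncated TLV header")
    tag, length = buf[pos], buf[pos + 1]
    pos += 2
    if length & 0x80:  # long form: low bits give the number of length octets
        n = length & 0x7F
        if n == 0 or n > 4 or pos + n > len(buf):
            raise ValueError("unsupported or truncated length")
        length = int.from_bytes(buf[pos:pos + n], "big")
        pos += n
    if pos + length > len(buf):
        raise ValueError("value runs past end of buffer")
    return tag, buf[pos:pos + length], pos + length

def decode_oid(body):
    """Decode the content octets of an OBJECT IDENTIFIER to dotted form."""
    if not body or body[-1] & 0x80:
        raise ValueError("malformed OID")
    arcs, value = [], 0
    for octet in body:
        value = (value << 7) | (octet & 0x7F)
        if not octet & 0x80:  # high bit clear marks the last octet of an arc
            arcs.append(value)
            value = 0
    first = min(arcs[0] // 40, 2)  # first octet group packs the first two arcs
    return ".".join(map(str, [first, arcs[0] - 40 * first] + arcs[1:]))

def parse_algorithm_identifier(der):
    """Return (oid, params) where params is 'absent', 'null' or 'other'."""
    tag, seq, end = read_tlv(der, 0)
    if tag != 0x30 or end != len(der):
        raise ValueError("expected exactly one SEQUENCE")
    tag, oid_body, pos = read_tlv(seq, 0)
    if tag != 0x06:
        raise ValueError("expected OBJECT IDENTIFIER")
    if pos == len(seq):  # nothing follows the OID: parameters omitted
        return decode_oid(oid_body), "absent"
    tag, value, pos = read_tlv(seq, pos)
    if pos != len(seq):
        raise ValueError("trailing data after parameters")
    return decode_oid(oid_body), "null" if (tag, value) == (0x05, b"") else "other"

# Constructed sample encodings of the same algorithm, without and with NULL.
SHA1_NO_PARAMS = bytes.fromhex("30070605" "2b0e03021a")
SHA1_NULL_PARAMS = bytes.fromhex("30090605" "2b0e03021a" "0500")
```

Both sample encodings decode to the same OID; only the reported parameters form differs, which is the distinction a request handler or response generator has to decide on.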