[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [IETF-PKIX] PKIX ASN.1

To: IETF-PKIX@xxxxxxxxxxxxxxxx
Subject: Re: [IETF-PKIX] PKIX ASN.1
From: Bancroft Scott <baos@xxxxxxx>
Date: Thu, 20 Nov 1997 08:56:57 -0500
Comments: To: Phil Griffin <asn1@mindspring.com>
In-reply-to: <3473B755.4953@mindspring.com>
Reply-to: "IETF X.509-based public key infrastructure mailing list" <IETF-PKIX@xxxxxxxxxxxxxxxx>
Sender: "IETF X.509-based public key infrastructure mailing list" <IETF-PKIX@xxxxxxxxxxxxxxxx>

Phil Griffin wrote:

> > >Both BMPString and UniversalString are types defined only in the
> > >current standard, ASN.1:1994. PKIX uses BMPString in code that uses
> > >the superceded ANY DEFINED BY, which is described in Annex I of the
> > >current standards, but is not an integral part of the ASN.1 standards.
> > >X.208 does not define type BMPString. Such ASN.1 usage will certainly
> > >break tools that correctly implement the ASN.1 standards.
> >
> > I think that the PKIX '88 ASN.1 gets around this adequately by declaring:
> >
> > UniversalString ::= [UNIVERSAL 28] IMPLICIT OCTET STRING
> >         -- UniversalString is defined in ASN.1:1993
> > BMPString ::= [UNIVERSAL 30] IMPLICIT OCTET STRING
> >         -- BMPString is the subtype of
> >         -- UniversalString and models the Basic Multilingual Plane
> >         -- of ISO/IEC 10646-1
> >
> > This certainly works with my '90 based ASN.1 compiler :-)
> >
> > Dean.
>
> It is not valid to use 'UNIVERSAL' as a tag class in an ASN.1 abstract
> syntax. This class is reserved for use in the ASN.1 standards, where
> it is used as shown above to define builtin ASN.1 types. The notation
> you describe above is not valid, but attempts to redefine an ASN.1:1994
> builtin type as part of X.208.
>
> In particular, the introduction to X.680 states that "Users of this
> notation are not allowed to explicitly specify universal class tags
> in their ASN.1 specifications, for these tags are built-in and can
> be specified explicitly only in this Recommendation | International
> Standard."
>
> Phil

Forbidding use of the UNIVERSAL class in ASN.1 specs is not something
introduced by X.680.  CCITT X.208 | ISO/IEC 8824 clause 26.4 explicitly
forbids use of class UNIVERSAL other than for types defined within the
ASN.1 standard itself.

The fact that some tools are defective in their support for ASN.1 should
not be used as a reason for writing ASN.1 that properly conforming ASN.1
tools cannot support without making them defective.  This sort of thing
applies to all standards, not just ASN.1.  If X.208 is to be used, fine,
or if X.680 is to be used, fine; however, please don't write ASN.1-based
standards that is known to conform to neither.

--------------------------------------------------------------------------
Bancroft Scott                                Toll Free    :1-888-OSS-ASN1
Open Systems Solutions, Inc.                  International:1-609-987-9073
baos@oss.com                                  Tech Support :1-732-249-5107
http://www.oss.com                            Fax          :1-732-249-4636

Prev by Date: [IETF-PKIX] SV: Re: [IETF-PKIX] digitalSignature vs. nonRepudiation
Next by Date: [IETF-PKIX] P R E S S R E L E A S E
Previous by thread: Re: [IETF-PKIX] PKIX ASN.1
Next by thread: Re: [IETF-PKIX] PKIX ASN.1
Index(es):
- Date
- Thread