
Re: The definition of OTHER-NAME



Hi Tom,

Note that the 'otherName' choice in the definition of 'GeneralName' in
X.509:1997 is:

otherName INSTANCE OF OTHER-NAME,

and 'INSTANCE OF' is defined in Annex C of X.681 as precisely the
'OtherName' type defined in RFC 2459.

Hope this helps,
-- Magnus
Magnus Nystrom		Email: magnus@rsasecurity.com
RSA Laboratories

On Tue, 7 Dec 1999, Tom Biskupic wrote:

> Hello,
> 
> I'm sure this must have been discussed previously, but not having found an
> answer in the first 12Mb archive of this mailing list I thought I'd float it
> anyhow.
> 
> There seems to be a discrepancy in the definition of OtherName in RFC2459
> and X509V3.
> 
> The definition of OtherName in RFC2459 is as follows :-
> 
>      OtherName ::= SEQUENCE {
>            type-id    OBJECT IDENTIFIER,
>            value      [0] EXPLICIT ANY DEFINED BY type-id }
> 
> whereas X509.V3 defines it as
> 
> OTHER-NAME ::= TYPE-IDENTIFIER
> 
> Which does not have the [0] tag on the value (see X.681 Annex A)
> 
> The draft-ietf-pkix-new-part1-00.txt even says
> 	-- AnotherName replaces OTHER-NAME ::= TYPE-IDENTIFIER, as
> 	-- TYPE-IDENTIFIER is not supported in the '88 ASN.1 syntax
> 
> But then goes on to define AnotherName to include the [0] tag.
> 
> Why is the [0] tag there? I don't see any ambiguity in the encoding that
> would require a context specific tag.
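
The encoding difference discussed in this thread, shown at the DER byte level as an added example that is not part of either message: a small reader for the RFC 2459 OtherName layout that accepts the value only when it sits inside the [0] EXPLICIT wrapper (tag 0xA0). The OID 1.2.3.4, the UTF8String value and all function names are constructed for illustration; only single-byte tags and definite lengths are handled.

```python
TAGGED = bytes.fromhex("300d06032a0304a0060c0474657374")   # constructed sample: value inside [0]
UNTAGGED = bytes.fromhex("300b06032a03040c0474657374")     # constructed sample: no [0] wrapper

def read_tlv(buf, pos=0):
    """Return (tag, value_bytes, next_pos) for the TLV starting at pos."""
    if pos + 2 > len(buf):
        raise ValueError("truncated TLV header")
    tag, first = buf[pos], buf[pos + 1]
    pos += 2
    if first < 0x80:                      # short-form length
        length = first
    else:                                 # long-form length, up to 4 octets
        n = first & 0x7F
        if n == 0 or n > 4 or pos + n > len(buf):
            raise ValueError("unsupported or truncated length")
        length = int.from_bytes(buf[pos:pos + n], "big")
        pos += n
    if pos + length > len(buf):
        raise ValueError("value runs past end of buffer")
    return tag, buf[pos:pos + length], pos + length

def decode_oid(body):
    """Decode OBJECT IDENTIFIER contents into dotted form."""
    if not body or body[-1] & 0x80:
        raise ValueError("malformed OID")
    arcs, acc = [], 0
    for b in body:
        acc = (acc << 7) | (b & 0x7F)
        if not b & 0x80:                  # last octet of this arc
            arcs.append(acc)
            acc = 0
    first = min(arcs[0] // 40, 2)         # first two arcs share one value
    return ".".join(map(str, [first, arcs[0] - 40 * first] + arcs[1:]))

def parse_other_name(der):
    """Parse OtherName ::= SEQUENCE { type-id OID, value [0] EXPLICIT ANY }."""
    tag, seq, end = read_tlv(der)
    if tag != 0x30 or end != len(der):
        raise ValueError("expected a single SEQUENCE")
    tag, oid, pos = read_tlv(seq)
    if tag != 0x06:
        raise ValueError("type-id must be an OBJECT IDENTIFIER")
    tag, wrapped, pos = read_tlv(seq, pos)
    if tag != 0xA0 or pos != len(seq):    # context-specific, constructed, number 0
        raise ValueError("value must be wrapped in [0] EXPLICIT")
    inner_tag, inner, inner_end = read_tlv(wrapped)
    if inner_end != len(wrapped):
        raise ValueError("trailing data inside [0]")
    return decode_oid(oid), inner_tag, inner
```

The two samples differ only by the two-octet `a0 06` header around the value, which is why an encoder and a decoder that disagree on the tag cannot interoperate.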