[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: PKCS-12 Spec. History

To: dale.gustafson@xxxxxxxx
Subject: Re: PKCS-12 Spec. History
From: pgut001@xxxxxxxxxxxxxxxxx (Peter Gutmann)
Date: Thu, 26 Apr 2001 05:50:15 (NZST)
Cc: ietf-sacred@xxxxxxx
List-archive: <http://www.imc.org/ietf-sacred/mail-archive/>
List-id: <ietf-sacred.imc.org>
List-unsubscribe: <mailto:ietf-sacred-request@imc.org?body=unsubscribe>
Reply-to: pgut001@xxxxxxxxxxxxxxxxx
Sender: owner-ietf-sacred@xxxxxxxxxxxx

Dale Gustafson <dale.gustafson@xxxxxxxx> writes:

>If we use anything other than v1.0, I suspect we'll have to dig up old copies
>of the spec. from the RSA archives (or somewhere).

It's not just the spec, you need to find old copies of the software to see what
they generate, which may not be what's in the spec (my favourite is the version
of Netscape which, when wrapping a pile of ASN.1 in a OCTET STRING, gave each
portion of the underlying data (ie each tag, each length, and each value
portion) its own individual constructed OCTET STRING fragment to live in).

If you're not being forced to use PKCS #12 for interop reasons, I'd go with a
PKCS #15 soft-token, which is a much nicer format.

Peter.

Follow-Ups:
- Re: PKCS-12 Spec. History
  - From: Stephen Farrell
- Re: PKCS-12 Spec. History
  - From: Dale Gustafson

Prev by Date: Re: PKCS-12 Spec. History
Next by Date: Re: PKCS-12 Spec. History
Previous by thread: Re: PKCS-12 Spec. History
Next by thread: Re: PKCS-12 Spec. History
Index(es):
- Date
- Thread