
RE: Using Signature Policy in RFC-5126



"Pavel V. Smirnov" <spv@xxxxxxxxxxxx> writes:

>Julien mentioned a point considered in Note 3: "Unless DER is used
>throughout, it is recommended that the binary encoding of the ASN.1
>structures being time-stamped be preserved when being archived to ensure
>that the recalculation of the data hash is consistent".

Oh, I'm surprised this isn't the default for everything - are implementors 
really trying to decode and re-encode data and expecting the signature to 
still validate?  Doing this violates the primary encoding rule, "There is only 
one (re-)encoding mechanism and memcpy() is its name".

Peter.
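
An added example, not part of the original message: it shows why the quoted Note 3 asks for the archived binary encoding to be preserved. The minimal BER reader, the length-only DER re-encoder and the sample bytes are constructed for illustration; a real DER encoder also canonicalizes values, which this sketch does not.

```python
import hashlib

def read_tlv(buf, pos=0):
    """Parse one BER TLV; return (tag, value_or_children, next_pos)."""
    tag, first = buf[pos], buf[pos + 1]      # single-byte tags only (simplification)
    pos += 2
    constructed = bool(tag & 0x20)
    if first == 0x80:                        # indefinite length: BER allows, DER forbids
        if not constructed:
            raise ValueError("indefinite length on a primitive type")
        children = []
        while buf[pos:pos + 2] != b"\x00\x00":   # until end-of-contents octets
            if pos >= len(buf):
                raise ValueError("missing end-of-contents")
            t, v, pos = read_tlv(buf, pos)
            children.append((t, v))
        return tag, children, pos + 2
    if first & 0x80:                         # long form, possibly non-minimal in BER
        n = first & 0x7F
        length, pos = int.from_bytes(buf[pos:pos + n], "big"), pos + n
    else:
        length = first
    end = pos + length
    if end > len(buf):
        raise ValueError("truncated value")
    if not constructed:
        return tag, bytes(buf[pos:end]), end
    children = []
    while pos < end:
        t, v, pos = read_tlv(buf, pos)
        children.append((t, v))
    return tag, children, end

def der_encode(tag, value):
    """Re-encode with definite, minimal lengths (length rules only, not value rules)."""
    body = b"".join(der_encode(t, v) for t, v in value) if isinstance(value, list) else value
    n = len(body)
    raw = n.to_bytes((n.bit_length() + 7) // 8, "big")
    length = bytes([n]) if n < 0x80 else bytes([0x80 | len(raw)]) + raw
    return bytes([tag]) + length + body

def compare(archived):
    """Digest of the bytes as archived versus digest after decode and re-encode."""
    tag, value, _ = read_tlv(archived)
    reencoded = der_encode(tag, value)
    return hashlib.sha256(archived).hexdigest(), hashlib.sha256(reencoded).hexdigest()

# Constructed sample: SEQUENCE (indefinite) { INTEGER 5 (long-form length), OCTET STRING "hi" }
BER_SAMPLE = bytes.fromhex("3080" "02810105" "04026869" "0000")
```

`compare(BER_SAMPLE)` returns two different digests although both encodings decode to the same content; for input that is already DER the two digests match, which is the "unless DER is used throughout" case in the note.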