re:ASN.1 ambiguity
"danielle (d.m.) mortimer" <mortimer@bnr.ca> Fri, 13 October 1995 04:56 UTC
Received: from ietf.nri.reston.va.us by IETF.CNRI.Reston.VA.US id aa05837; 13 Oct 95 0:56 EDT
Received: from CNRI.Reston.VA.US by IETF.CNRI.Reston.VA.US id aa05833; 13 Oct 95 0:56 EDT
Received: from pad-thai.cam.ov.com by CNRI.Reston.VA.US id aa02148; 13 Oct 95 0:56 EDT
Received: from MIT.EDU by pad-thai.cam.ov.com (8.6.12/) with SMTP id <AAA12544@pad-thai.cam.ov.com>; Fri, 13 Oct 1995 00:10:52 -0400
Received: from x400gate.bnr.ca by MIT.EDU with SMTP id AA14788; Fri, 13 Oct 95 00:07:58 EDT
X400-Received: by mta bnr.ca in /PRMD=BNR/ADMD=TELECOM.CANADA/C=CA/; Relayed; Fri, 13 Oct 1995 00:06:36 -0400
X400-Received: by /PRMD=BNR/ADMD=TELECOM.CANADA/C=CA/; Relayed; Thu, 12 Oct 1995 23:28:37 -0400
X400-Received: by /PRMD=BNR/ADMD=TELECOM.CANADA/C=CA/; Relayed; Thu, 12 Oct 1995 16:33:00 -0400
Date: Thu, 12 Oct 1995 16:33:00 -0400
X400-Originator: /dd.id=1609094/g=danielle/i=dm/s=mortimer/@bnr.ca
X400-Mts-Identifier: [/PRMD=BNR/ADMD=TELECOM.CANADA/C=CA/; bcars735.b.533:13.09.95.03.28.37]
X400-Content-Type: P2-1984 (2)
Content-Identifier: re:ASN.1 ambi...
Sender: ietf-archive-request@IETF.CNRI.Reston.VA.US
From: "danielle (d.m.) mortimer" <mortimer@bnr.ca>
X-Orig-Sender: "danielle (d.m.) mortimer" <mortimer@bnr.ca>
Message-Id: <"23561 Thu Oct 12 23:29:01 1995"@bnr.ca>
To: luehe@mtv4s1.eng.sun.com
Cc: "dragan (d.) grebovich" <dragan@bnr.ca>, "carlisle (c.m.) adams" <cadams@bnr.ca>, "alex (a.d.) brown" <alex@bnr.ca>, cat-ietf@mit.edu
Subject: re:ASN.1 ambiguity
In message "ASN.1 ambiguity", luehe@mtv4s1.Eng.Sun.com writes: > I have a problem with the ASN.1 defintion of InitialContextToken as found > in draft-ietf-cat-spkmgss-04.txt (May 25, 1995): > > InitialContextToken ::= [APPLICATION 0] IMPLICIT SEQUENCE { > thisMech MechType, > -- MechType is OBJECT IDENTIFIER > -- representing "SPKM-1" or "SPKM-2" > innerContextToken ANY DEFINED BY thisMech > -- contents mechanism-specific > } > > Since the "thisMech" component may only assume one of the values > SPKM-1 or SPKM-2, it does not unambiguously determine the actual type > governing the value in the "innerContextToken", which may be > SPKM_REQ, SPKM_REP_TI, SPKM_REP_IT, or SPKM_ERROR. I understand that the > various context establishment tokens are distinguished by their > tok_id fields; however, the distinction should be accomplished at an earlier > stage during decoding, i.e. through the value of "thisMech". > > Has anybody come across this problem, or am I wrong? I'll answer on behalf of Carlisle who is on vacation at the moment. This is not a problem at all. The mechanism type is intended to indicate the mechanism, e.g. SPKM-1, SPKM-2, Kerberos V5, etc. The decoder must read the mechanism type before it can interpret the mechanism-specific contents of the innerContextToken. In the case of SPKM-1 and SPKM-2, the innerContextToken is ASN.1-encoded, and the token type is indicated by the tok_id field as you pointed out. The decoder then has to "peek" at the tok_id before it can interpret the contents as SPKM_REQ, SPKM_REP_TI, SPKM_REP_IT or SPKM_ERROR. ------------------------------------------------------------- D.M. Mortimer Nortel Secure Networks email: mortimer@bnr.ca 2 Constellation Crescent voice: (613) 763-7498 Nepean, Ontario K2G 5J9 fax: (613) 765-3764 http://www.entrust.com
- Re: re:ASN.1 ambiguity John Wray, Digital DPE, (508) 486-5210 16-Oct-1995 1402
- RE: re:ASN.1 ambiguity John Lowry
- re:ASN.1 ambiguity John Lowry
- RE: re:ASN.1 ambiguity John Lowry
- Re: re:ASN.1 ambiguity Theodore Ts'o
- Re: re:ASN.1 ambiguity Theodore Ts'o
- re:ASN.1 ambiguity danielle (d.m.) mortimer
- RE: re:ASN.1 ambiguity John Wray, Digital DPE, (508) 486-5210 13-Oct-1995 1349
- Re: ASN.1 ambiguity Marc Horowitz
- re:ASN.1 ambiguity Jan Luehe
- Re: re:ASN.1 ambiguity John Lowry
- Re: ASN.1 ambiguity Marc Horowitz
- RE: re:ASN.1 ambiguity John Wray, Digital DPE, (508) 486-5210 16-Oct-1995 1122
- Re: re:ASN.1 ambiguity Theodore Ts'o
- Re: ASN.1 ambiguity John Linn
- RE: re:ASN.1 ambiguity John Wray, Digital DPE, (508) 486-5210 16-Oct-1995 0735