Re: Distinguished names and X509v3 extension OIDs (fwd)

dpkemp@missi.ncsc.mil (David P. Kemp) Tue, 01 April 1997 15:33 UTC

Date: Tue, 01 Apr 1997 10:32:02 -0500
From: dpkemp@missi.ncsc.mil
Message-Id: <199704011532.KAA05762@argon.ncsc.mil>
To: ietf-pkix@tandem.com
Subject: Re: Distinguished names and X509v3 extension OIDs (fwd)

> From: Ben Laurie <ben@gonzo.ben.algroup.co.uk>
> 
> David P. Kemp wrote:
> > If anyone has a counterexample - a BER transfer string that cannot
> > be converted to DER without knowledge of the ASN.1 definition, I'd
> > like to see it.
> 
> From memory, if a field has its default value, in DER it must be omitted, but
> in BER it is optional. I could be completely wrong, though.


Touché.  I was considering definite/indefinite length encoding, but
failed to consider DEFAULT.  There are probably other reasons to need
the ASN.1 as well.

(Reference for DEFAULT encoding: X.690 sections 8.11.3 and 11.5)

It's a shame that the entire signed portion of a certificate can't be
treated as an opaque blob in transit, instead of each individual extnValue.
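
An added example, not part of the original message: a Python sketch of the DEFAULT case conceded above, using the X.509 Extension structure whose `critical` field is BOOLEAN DEFAULT FALSE. The sample bytes are constructed (extnID 2.5.29.19, basicConstraints), and the function names are hypothetical. A schema-blind pass can fix the length forms, but only a pass that knows the ASN.1 definition can drop the explicitly encoded default, so the two outputs differ and only the second matches the DER a signer would have produced.

```python
# Constructed sample: an X.509 Extension in BER, indefinite-length SEQUENCE, critical sent as FALSE.
# Extension ::= SEQUENCE { extnID OID, critical BOOLEAN DEFAULT FALSE, extnValue OCTET STRING }
BER_EXT = bytes.fromhex("3080" "0603551d13" "010100" "04023000" "0000")

def der_len(n):
    """Minimal definite-length octets, as DER requires."""
    if n < 0x80:
        return bytes([n])
    body = n.to_bytes((n.bit_length() + 7) // 8, "big")
    return bytes([0x80 | len(body)]) + body

def parse(buf, i=0):
    """Read one BER TLV (single-octet tags only); return (tag, value, next offset)."""
    # value is bytes for a primitive encoding, a list of (tag, value) for a constructed one
    tag, first = buf[i], buf[i + 1]
    i += 2
    if first == 0x80:                      # indefinite length, ends at 00 00
        if not tag & 0x20:
            raise ValueError("indefinite length on a primitive encoding")
        kids = []
        while buf[i:i + 2] != b"\x00\x00":
            t, v, i = parse(buf, i)
            kids.append((t, v))
        return tag, kids, i + 2
    if first & 0x80:                       # long form, possibly non-minimal in BER
        n = first & 0x7F
        first, i = int.from_bytes(buf[i:i + n], "big"), i + n
    end = i + first
    if not tag & 0x20:
        return tag, buf[i:end], end
    kids = []
    while i < end:
        t, v, i = parse(buf, i)
        kids.append((t, v))
    return tag, kids, end

def emit(tag, val):                        # re-encode with definite, minimal lengths
    body = b"".join(emit(t, v) for t, v in val) if isinstance(val, list) else val
    return bytes([tag]) + der_len(len(body)) + body

def blind_to_der(ber):
    """Schema-blind pass: normalizes length forms only."""
    tag, val, _ = parse(ber)
    return emit(tag, val)

def extension_to_der(ber):
    """Schema-aware pass: drops critical when it equals its DEFAULT (FALSE)."""
    tag, kids, _ = parse(ber)
    return emit(tag, [(t, v) for t, v in kids if not (t == 0x01 and v == b"\x00")])
```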