[x500standard] Re: DER encoding of certificates

• From: "Jean-Paul LEMAIRE" <jean-paul.lemaire@xxxxxxxxxxxxxxxxxxxxx>
• To: x500standard@xxxxxxxxxxxxx
• Date: Wed, 06 Jul 2011 08:51:48 +0200

Hi,

In X.509, we have a comment in the definitions of HASH and ENCRYPTED-HASH which specifies that the hash function applies to the DER encoding of the parameter. We can add a sentence to explain how to check the signature.

Regards

Jean-Paul.

Hi folks,

In contrast to RFC 5280, X.509 does not require DER encoding. It only requires that the signature is generated across a DER encoded certificate,

but the itself certificate may be encoded using BER.



Should we add a sentence somewhere in X.509 and possibly in RFC 5280

specifying that when verifying a signature a relying party shall decode and then encode the certificate in DER to verifying the signature?

Erik Andersen

Andersen's L-Service

Elsevej 48,

DK-3500 Vaerloese

Denmark

Mobile: +45 2097 1490

e-amail: era@xxxxxxx

Skype: andersen-erik

<http://www.x500.eu/> http://www.x500.eu/

<http://www.x500standard.com/> http://www.x500standard.com/

<http://dk.linkedin.com/in/andersenerik>
http://dk.linkedin.com/in/andersenerik

-----
www.x500standard.com: The central source for information on the X.500 Directory 
Standard.

• References:
  • [x500standard] DER encoding of certificates
    • From: Erik Andersen

Other related posts:

• » [x500standard] DER encoding of certificates- Erik Andersen
• » [x500standard] Re: DER encoding of certificates- Ramsay, Ron
• » [x500standard] Re: DER encoding of certificates - Jean-Paul LEMAIRE
• » [x500standard] Re: DER encoding of certificates- Steven Legg
• » [x500standard] Re: DER encoding of certificates- David Wilson

1. Home
2. x500standard
3. Archive
4. 07-2011

---

• » Previous by Date
• » Next by Date
• » Related Posts
• » View list details
• » Manage your subscription

---