[x500standard] Re: DER encoding of certificates
- From: David Wilson <David.Wilson@xxxxxxxxx>
- To: x500standard@xxxxxxxxxxxxx
- Date: Wed, 06 Jul 2011 10:08:13 +0100
On Wed, 2011-07-06 at 16:48 +1000, Ramsay, Ron wrote:
>
> Maybe I’m trying to turn back time, but common sense would dictate
> that the signature should apply to the blob it is attached to, even if
> that blob doesn’t follow the DER rules. The notion that you have a
> signature to a blob which you don’t have, and can’t obtain, but for
> which you have a hint that should enable you to construct that blob,
> is a bit weird.
Actually, that is precisely what X.509 says. At the end of the section
for SIGNED:
"The Directory shall follow these rules:
– It shall preserve the encoding of received information whose abstract
syntax it does not fully know and which it expects to subsequently sign;
– When signing data for sending, it shall send data whose syntax it
fully knows with a distinguished encoding and any other data with its
preserved encoding, and shall sign the actual encoding it sends;
– When checking signatures in received data, it shall check the
signature against the actual data received rather than its conversion of
the received data to a distinguished encoding."
So, the signer should be as strict as possible, but the verifier does
not re-encode.
(Also, this section does not specify DER, but a restricted BER. This has
fewer constraints than DER. The need in DER to have a canonical form of
the data within ISO 2022 encoded character strings is an example.)
David
-----
www.x500standard.com: The central source for information on the X.500 Directory
Standard.
Other related posts:
