Do not need to re-encode. Always keep the blob around.

-----Original Message-----
From: pkix-bounces@xxxxxxxx [mailto:pkix-bounces@xxxxxxxx] On Behalf Of Martin Rex
Sent: Wednesday, July 06, 2011 9:40 AM
To: Carl Wallace
Cc: x500standard@xxxxxxxxxxxxx; t09sg17q11@xxxxxxxxxxxxx; pkix@xxxxxxxx
Subject: Re: [pkix] DER encoding of certificates

Carl Wallace wrote:
>
> No. For one reason, verifiers may not know how to DER encode some
> extensions. It'd be better to require DER or require verification to use
> toBeSigned bytes as they appear (be they BER or DER).

Expecting verifiers to parse and re-encode certs before being able to
verify a digital certificate seems like a very bad idea with respect to
performance, reliability and complexity.

The other problem is that there are too many defective ASN.1 encoders
out there, some of them actively used by certificate issuers.

GlobalSign has been distributing a RootCA cert in browsers that was
using incorrect ASN.1 DER -- and that caused verification failures on
some occasions. IIRC, the bug was in the ASN.1 encoding of the KeyUsage
BIT STRING, which is a NamedBitList (and according to X.690 11.2 +
X.680 21.7 trailing 0 bits must be removed in ASN.1 DER from a
NamedBitList during encoding.)

-Martin

_______________________________________________
pkix mailing list
pkix@xxxxxxxx
https://www.ietf.org/mailman/listinfo/pkix

-----
www.x500standard.com: The central source for information on the X.500 Directory Standard.
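Worked example, added here and not code from the thread or from any of its participants: a minimal encoder/decoder for the KeyUsage BIT STRING that shows the X.690 11.2 rule Martin cites (trailing zero bits of a NamedBitList are dropped in DER), a check that tells a canonical encoding from a padded BER one, and what happens to the digest when a verifier re-encodes instead of hashing the bytes as they appear. The bit assignments are those of RFC 5280 section 4.2.1.3. The "padded" form below is a constructed illustration of the class of encoder defect described in the message, not a claim about the exact bytes of any particular root certificate; all inputs are constructed.

```python
import hashlib

# KeyUsage named bits (RFC 5280 4.2.1.3). Bit 0 is the most significant bit
# of the first content octet of the BIT STRING.
KEY_USAGE_BITS = {
    "digitalSignature": 0, "nonRepudiation": 1, "keyEncipherment": 2,
    "dataEncipherment": 3, "keyAgreement": 4, "keyCertSign": 5,
    "cRLSign": 6, "encipherOnly": 7, "decipherOnly": 8,
}
BIT_NAMES = {v: k for k, v in KEY_USAGE_BITS.items()}
BIT_STRING_TAG = 0x03


def _der_length(n):
    """Definite-form length: short form below 128, long form otherwise."""
    if n < 0x80:
        return bytes([n])
    body = n.to_bytes((n.bit_length() + 7) // 8, "big")
    return bytes([0x80 | len(body)]) + body


def _read_length(buf, pos):
    first = buf[pos]
    if first < 0x80:
        return first, pos + 1
    nbytes = first & 0x7F
    if nbytes == 0 or nbytes > 4:
        raise ValueError("indefinite or oversized length")
    return int.from_bytes(buf[pos + 1:pos + 1 + nbytes], "big"), pos + 1 + nbytes


def encode_key_usage(names, trim_trailing_zeros=True):
    """Encode a KeyUsage BIT STRING.

    trim_trailing_zeros=True is the DER form (X.690 11.2.2): bits after the
    last 1 bit are dropped and counted in the unused-bits octet.
    trim_trailing_zeros=False pads the value to a whole octet with zero bits:
    a valid BER encoding with the same meaning but different bytes
    (constructed here to stand in for a defective issuer encoder).
    """
    indexes = sorted(KEY_USAGE_BITS[n] for n in names)
    if not indexes:
        return bytes([BIT_STRING_TAG, 0x01, 0x00])  # empty bit string
    nbits = indexes[-1] + 1
    if not trim_trailing_zeros:
        nbits = ((nbits + 7) // 8) * 8
    octets = (nbits + 7) // 8
    unused = 8 * octets - nbits
    content = 0
    for i in indexes:
        content |= 1 << (8 * octets - 1 - i)
    body = bytes([unused]) + content.to_bytes(octets, "big")
    return bytes([BIT_STRING_TAG]) + _der_length(len(body)) + body


def _split_bit_string(encoded):
    """Return (unused_bits, content_octets) of one encoded BIT STRING."""
    if encoded[0] != BIT_STRING_TAG:
        raise ValueError("not a BIT STRING")
    length, pos = _read_length(encoded, 1)
    if length < 1 or pos + length != len(encoded):
        raise ValueError("bad length")
    unused, content = encoded[pos], encoded[pos + 1:pos + length]
    if unused > 7 or (unused and not content):
        raise ValueError("invalid unused-bits octet (X.690 8.6.2)")
    return unused, content


def decode_key_usage(encoded):
    """Decode either the DER or the padded BER form to a set of bit names."""
    unused, content = _split_bit_string(encoded)
    value = int.from_bytes(content, "big")
    names = set()
    for i in range(8 * len(content) - unused):
        if (value >> (8 * len(content) - 1 - i)) & 1:
            if i not in BIT_NAMES:
                raise ValueError("unknown KeyUsage bit %d" % i)
            names.add(BIT_NAMES[i])
    return names


def is_der_named_bitlist(encoded):
    """True iff canonical: padding bits are zero and the last used bit is 1,
    i.e. no trailing zero bits survive (X.690 11.2.1 and 11.2.2)."""
    unused, content = _split_bit_string(encoded)
    if not content:
        return unused == 0
    value = int.from_bytes(content, "big")
    return value & ((1 << unused) - 1) == 0 and (value >> unused) & 1 == 1


def reencode_changes_bytes(encoded):
    """What a 'normalise to DER, then hash' verifier does: decode, re-encode,
    and digest. True when the digest no longer covers the bytes that were
    actually signed, which is the failure mode the thread warns about."""
    canonical = encode_key_usage(decode_key_usage(encoded))
    return hashlib.sha256(canonical).digest() != hashlib.sha256(encoded).digest()


if __name__ == "__main__":
    # Constructed input: a CA-style KeyUsage of keyCertSign + cRLSign.
    der = encode_key_usage(["keyCertSign", "cRLSign"])
    padded = encode_key_usage(["keyCertSign", "cRLSign"], trim_trailing_zeros=False)
    print("DER   :", der.hex(), "canonical:", is_der_named_bitlist(der))
    print("padded:", padded.hex(), "canonical:", is_der_named_bitlist(padded))
    print("same meaning:", decode_key_usage(der) == decode_key_usage(padded))
    print("re-encoding changes bytes:", reencode_changes_bytes(padded))
```

For keyCertSign + cRLSign the DER bytes are `03 02 01 06` (one unused bit, because the seven-bit value 0000011 ends at bit 6) while the padded form is `03 02 00 06`; both decode to the same two bits, but a signature computed over tbsCertificate containing the padded bytes only verifies if the verifier hashes those bytes unchanged. `is_der_named_bitlist` is the kind of lint a CA can run on its own output; the verifier's rule is the one both correspondents state: keep the blob and verify over the toBeSigned bytes as delivered.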