[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
JFK ID payload
Section 4.2 of the new draft specifies the value of the ID payload as:
IDi and IDr is expressed as a single octet specifying the type of
ID used, followed by the ID material. The following ID types are
specified.
ID tag Meaning
1 A bundle of one or more PKIX certificates, CRLs, and OCSP
responses, concatenated.
While this may work in theory, it will be difficult to implement
correctly, since the recipient will be forced to partially parse
the BER of each element in order to determine what type of entity
he's dealing with. In general it would probably be better for
JFK to separate and tag each entity.
-Ekr