[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: CERT REQ payload Handling Clarification
-----BEGIN PGP SIGNED MESSAGE-----
>>>>> "Ramana" == Ramana Yarlagadda <ramana.yarlagadda@analog.com> writes:
Ramana> I think we have to use only DER encoding here and not the BER.
Ramana> Becuase the protocol doesn't allow you to negotiate encoding method .
Ramana> And so BER encoding is not used in IKE.
DER is a subset of BER.
Your parser should always expect BER.
DER is required in certain situations, which would be well spelt out -
typically under signatures.
It would be nice if someone would write a seperate Informational document
on using PKIX with IKE.
] ON HUMILITY: to err is human. To moo, bovine. | firewalls [
] Michael Richardson, Sandelman Software Works, Ottawa, ON |net architect[
] mcr@sandelman.ottawa.on.ca http://www.sandelman.ottawa.on.ca/ |device driver[
] panic("Just another Debian GNU/Linux using, kernel hacking, security guy"); [
-----BEGIN PGP SIGNATURE-----
Version: 2.6.3ia
Charset: latin1
Comment: Finger me for keys
iQCVAwUBPUk/toqHRg3pndX9AQHtygQA3QTMux6TD7C7e5D4qLwhdvYxlwlzVWDW
YOErouJn6am5IA54h1xCFtfz2rNJOY/t80pWNPEcOlrb3wz83WV5OaWQ1Ry9xuQf
SxyTD7UfBYiDGH8N7lk/ZuKazuGun9RMW700v0ip/gh/hV/YjeJJyiXbcfArQtuQ
7iteqBAob/E=
=jTaz
-----END PGP SIGNATURE-----