[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: CERT REQ payload Handling Clarification



-----BEGIN PGP SIGNED MESSAGE-----


>>>>> "Ramana" == Ramana Yarlagadda <ramana.yarlagadda@analog.com> writes:
    Ramana> I think we have to use only DER encoding here and not the BER.
    Ramana> Becuase the protocol doesn't allow you to negotiate  encoding method .
    Ramana> And so BER encoding is not used in IKE.

  DER is a subset of BER.
  Your parser should always expect BER.
 
  DER is required in certain situations, which would be well spelt out -
typically under signatures.

  It would be nice if someone would write a seperate Informational document
on using PKIX with IKE.

]       ON HUMILITY: to err is human. To moo, bovine.           |  firewalls  [
]   Michael Richardson, Sandelman Software Works, Ottawa, ON    |net architect[
] mcr@sandelman.ottawa.on.ca http://www.sandelman.ottawa.on.ca/ |device driver[
] panic("Just another Debian GNU/Linux using, kernel hacking, security guy"); [

-----BEGIN PGP SIGNATURE-----
Version: 2.6.3ia
Charset: latin1
Comment: Finger me for keys

iQCVAwUBPUk/toqHRg3pndX9AQHtygQA3QTMux6TD7C7e5D4qLwhdvYxlwlzVWDW
YOErouJn6am5IA54h1xCFtfz2rNJOY/t80pWNPEcOlrb3wz83WV5OaWQ1Ry9xuQf
SxyTD7UfBYiDGH8N7lk/ZuKazuGun9RMW700v0ip/gh/hV/YjeJJyiXbcfArQtuQ
7iteqBAob/E=
=jTaz
-----END PGP SIGNATURE-----