[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: some concerns about last IKEv2 draft
On Wed, Sep 10, 2003 at 06:15:21PM -0400, Theodore Ts'o wrote:
> The grammatical typo can easily be fixed, either now or during last
> call.
>
> While you are right that the use of DER or CER is preferred for data
> structures which are digitally signed, as it simplifies certain
> implementations that may decide to decode and then re-encode a
> particular ASN.1 stream, it certainly isn't required. In this
> particular case, I very much doubt it will cause any real problems to
> an implementation, since the simplest and easiest implementation
> strategy will be to verify the hash immediately after downloading the
> certificate bundle specified by the URL, and before separating it into
> its component certificates and CRL's.
>
> Note that certificates and CRL's are themselves self-verifying data,
> so the hash is really more of a sanity check to make sure the correct
> bundle was downloaded as opposed to being seriously needed for the
> security of the protocol.
Good. I hadn't read the relevant text in the I-D to verify that a
definite encoding was not an issue.
> > Further, it would be preferable to give the ASN.1 syntax for this
> > SEQUENCE, which means getting the tagging right, as you point out.
>
> As I said earlier, no tagging is really needed. Explicit tags are
> optional in ASN.1, unless they are needed to create a non-ambiguous
> encoding. However, with either DER or BER, the types of the
> underlying definition of Certificate and CRL are not ambiguous, which
> means that this is perfectly legal ASN.1:
>
> SEQUENCE OF CHOICE { X509-CERTIFICATE, X509-CRL };
Agreed.
Nico
--