- From: Greg Whitehead <gwhitehead@signio.com>
- Date: Fri, 7 Jul 2000 12:58:59 -0700
- To: "'tgindin@us.ibm.com'" <tgindin@us.ibm.com>, "Joseph M. Reagle Jr." <reagle@w3.org>
- Cc: David.Solo@citicorp.com, w3c-ietf-xmldsig@w3.org
Also keep in mind that some x509 implementations don't sign protect the asn1 encoding of the serial number properly, which could make the conversion to/from an xml encoded integer fragile. -Greg -----Original Message----- From: tgindin@us.ibm.com [mailto:tgindin@us.ibm.com] Sent: Friday, July 07, 2000 12:15 PM To: Joseph M. Reagle Jr. Cc: David.Solo@citicorp.com; w3c-ietf-xmldsig@w3.org Subject: Re: Encoding of 509 serial # and SKI "Joseph M. Reagle Jr." <reagle@w3.org>@w3.org on 07/07/2000 02:47:08 PM Sent by: w3c-ietf-xmldsig-request@w3.org To: David.Solo@citicorp.com cc: w3c-ietf-xmldsig@w3.org Subject: Re: Encoding of 509 serial # and SKI At 08:40 2000-07-07 -0400, David.Solo@citicorp.com wrote: [snip] >I don't think we agreed on what the X509SerialNumber should be. Its currently >listed as a string (which is ambiguous) and could be either ds:CryptoBinary or >integer (it is defined in ASN as an integer). I'm indifferent (anyone have a >strong preference?) but would probably lean towards integer. Ok, I'll change it to integer. [Tom Gindin] Remember, some CA's assign this field as the output of a hash function - 160 bits is the longest on record, I think.
Received on Friday, 7 July 2000 15:58:19 UTC