Re: AW: KeyInfo interoperability

Hi Gregor,

Sorry; the CRL was from a minimal profile. I attach an updated
set of signatures which I think uses PKIX profile, but I don't
track that stuff so I can't be sure.

Merlin

r/gregor.karlinger@iaik.at/2001.05.15/11:10:39
>Merlin,
>
>> If anyone can validate any or all of these, that would be
>> great. They seem to work for me, but I often break things
>> badly.
>
>>   KeyName
>
>  We have not implemented KeyName yet.
>
>> RetrievalMethod[rawX509Certificate]
>
>  We have not implemented RetrievalMethod yet.
>
>> X509Certificate
>
>  Validated correctly.
>
>> X509SubjectName
>
>  Validated correctly.
>
>> X509SKI
>
>  Validated correctly.
>
>> X509IssuerSerial
>
>  Validated correctly.
>
>> X509CRL
>
>  Validation failed since the CRL you provide within the
>  signature example is lacking for the "nextUpdate" extension,
>  although it is required according to RFC 2459.
>
>Liebe Gruesse/Regards, 
>---------------------------------------------------------------
>DI Gregor Karlinger
>mailto:gregor.karlinger@iaik.at
>http://www.iaik.at
>Phone +43 316 873 5541
>Institute for Applied Information Processing and Communications
>Austria
>---------------------------------------------------------------
> 
>


-----------------------------------------------------------------------------
Baltimore Technologies plc will not be liable for direct,  special,  indirect 
or consequential  damages  arising  from  alteration of  the contents of this
message by a third party or as a result of any virus being passed on.

In addition, certain Marketing collateral may be added from time to time to
promote Baltimore Technologies products, services, Global e-Security or
appearance at trade shows and conferences.

This footnote confirms that this email message has been swept by
Baltimore MIMEsweeper for Content Security threats, including
computer viruses.
   http://www.baltimore.com