Re: X509SerialNumber schema from Glenn Adams on 2001-03-28 (w3c-ietf-xmldsig@w3.org from January to March 2001)

From: Glenn Adams <gadams@vgi.com>
Date: Wed, 28 Mar 2001 11:18:16 -0500
To: <kgold@watson.ibm.com>
Cc: <w3c-ietf-xmldsig@w3.org>
Message-ID: <013a01c0b7a2$b2556620$26020001@vgi.com>

> Date: Fri, 9 Mar 2001 15:30:22 -0500
> Message-Id: <200103092030.PAA35236@alpha.watson.ibm.com>
> From: Ken Goldman <kgold@watson.ibm.com>
> To: w3c-ietf-xmldsig@w3.org
> Subject: X509SerialNumber schema

...

> Assuming that (1) is right - If I have an X509SerialNumber from a
> certificate that is a long string of bits (Tom Ginden mentioned back on
> July that some certificates use a hash value of 160 bits) doesn't the
> binary to decimal conversion become computationally painful.

Are you certain this hash is used for CertificateSerialNumber as opposed to
using it for
SubjectKeyIdentifier? RFC2459 Section 4.2.1.2 describes such a hash to be used
for SubectKeyIdentifier.

Regards,
Glenn Adams

Received on Wednesday, 28 March 2001 11:19:35 UTC