On Thu, Aug 05, 2004, Craig Gleadall wrote: > Abdou, > The 04:20 is teh DER encoding for an OctetString that is 0x20 bytes long. > What I would have expected to happen was my Sequence to be place right > after the DER encoded OID for 2.5.29.16, but allas it is deciding that the > DER data that I am providing must be an OctetString. > The problem is when this certificate is imported to IE the extension shows > up, but the data is interpreted as an OctetString and not two > GeneratlizedTimes... >
That is the format of *all* extensions. The relevant encoded structure is contained in the extnValue OCTET STRING. Using anything else would violate the standards. If MSIE doesn't display it that might be because it doesn't support the extension. Steve. -- Dr Stephen N. Henson. Email, S/MIME and PGP keys: see homepage OpenSSL project core developer and freelance consultant. Funding needed! Details on homepage. Homepage: http://www.drh-consultancy.demon.co.uk ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
