- Signatures, uniqueIdentifiers etc. were not created by PKIX as far as I remember. It may be that they the same who are creating an inflation of data encapsulated
in octet strings in PKIX are probably the same people.If they didn't not understand ASN.1 20 years ago and did not make progress ...
I said "IF".
- Binary blobs of data do not necessarily have an octet boundary.It is a hack to encapsulate in a bit/octetstring date that have a defined structure, e.g., X509 extensions, to circumvent problems with incomplete coders/decoders.
The developers of these tools may be the same people described above. :-) David Schwartz wrote:
I guess the real problem is that the PKIX idiots decided to use bitstrings instead of octetstrings for signatures, unique identifiers, etc.! I cannot find any valid reason why they would do this. If it would up to me, I would replaced all bitstrings containing unnamed bits with octetstrings, since they are only binary blobs of data.Bingo. This has annoyed the hell out of me too. The biggest nuisance for me is when my analysis tools display them as long strings of ones and zeroes. DS ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List [email protected] Automated List Manager [EMAIL PROTECTED]
--To verify the signature, see http://edelpki.edelweb.fr/ Cela vous permet de charger le certificat de l'autorité; die Liste mit zurückgerufenen Zertifikaten finden Sie da auch.
smime.p7s
Description: S/MIME Cryptographic Signature
