I'm fairly sure the BITSTRING datatype for signatures was chosen by the
PKCS working group, which at the time was a mostly self-selected group of
experts organized by RSA. It certainly wasn't chosen by IETF. The X509v3
extension format was chosen by the X.509 group of ITU/ISO.
Hindsight's 20/2
- Signatures, uniqueIdentifiers etc. were not created by PKIX as far as
I remember.
It may be that they the same who are creating an inflation of data
encapsulated
in octet strings in PKIX are probably the same people.
If they didn't not understand ASN.1 20 years ago and did not make
prog
> I guess the real problem is that the PKIX idiots decided to use
> bitstrings instead of octetstrings for signatures, unique identifiers,
> etc.! I cannot find any valid reason why they would do this. If it
> would up to me, I would replaced all bitstrings containing unnamed
> bits with octetst
>> I have make the change you specified above and I am now passing the
>> above binary string. Now the x500UniqueIdentifer has the following
>> DER encoded value:
>> 03:06:00:A1:B2:C3:D4:E5
>> which contains a null Byte 0x00 in error before the 0xA1B2C3D4E5 value.
>> How can I remove the n
On Fri, Mar 31, 2006, Lisa Matias wrote:
> >> The x500UniqueIdentifier (OID=2.5.4.45) X500 object is suppose to be a
> >> binary bit-string:
> >>
> >> http://www.alvestrand.no/objectid/2.5.4.45.html
> >>
> >> So if I wish to add the unique ID to my certificate object and set its
> >> value
>> The x500UniqueIdentifier (OID=2.5.4.45) X500 object is suppose to be a
>> binary bit-string:
>>
>> http://www.alvestrand.no/objectid/2.5.4.45.html
>>
>> So if I wish to add the unique ID to my certificate object and set its
>> value to 0xA1B2C3D4E5, I cannot find any proper way to do so.
On Fri, Mar 31, 2006, Lisa Matias wrote:
> The x500UniqueIdentifier (OID=2.5.4.45) X500 object is suppose to be a
> binary bit-string:
>
> http://www.alvestrand.no/objectid/2.5.4.45.html
>
> So if I wish to add the unique ID to my certificate object and set its
> value to 0xA1B2C3D4E5, I
