[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: Re: [security-services] SSTC Draft Meeting Minutes - November 18th, 2008
On Mon, Dec 1, 2008 at 4:47 PM, Duane DeCouteau <ddecouteau@sbcglobal.net> wrote: > > 3.2 Disposition of query re DER encoding issue > http://lists.oasis-open.org/archives/security-services/200811/msg00032.html > et all > + deferment from last call > > Scott Cantor - seems each profile will take a different direction... > becomes a profile by profile decision...NOT USING DER will lead to interop > problems...really dependent on what you expect to do with certs... > Tom Scavo - Still working issues...if you des x509cert element > encoding will mostly if not at all be irrelevant For clarity, the query posted to the IETF PKIX WG is ongoing, so in that sense the issue is still open. For all practical purposes, however, the use of <ds:X509Certificate> does not require a particular ASN.1 encoding since the certificate does not need to be decoded and parsed in that case. So the specific issue raised by Scott re DER encoding in the HoK Assertion Profile is resolved by removing all references to DER encoding (and in fact any encoding whatsoever). This has been done in draft-06 of the HoK Assertion Profile. Tom
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]