OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.


Help: OASIS Mailing Lists Help | MarkMail Help

xcbf message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]

Subject: Re: [xcbf] FW: Multiple certificates

Yes, the certificates are concatenated.  In practice, I can see
no reason whatsoever for X9.68 and X.509 certificates to
ever be mixed in an application. There is no standard means
defined of chaining these two types together. So, you'd either
use one format or the other, not both.

Currently, X.509 is the market. The X9.68 format has just
now been approved as a NWI in ISO TC68/SC2. But it may
well become the first all XML certificate format. If it should,
we'll want to change XCBF to accommodate this new format,
which will not need to be Base64 armored to be used in an
XML message.


Alessandro Triglia wrote:

I haven't received any response to the question below.  


-----Original Message-----
From: Alessandro Triglia [mailto:sandro@oss.com] 
Sent: Wednesday, April 09, 2003 19:23
Subject: Multiple certificates


In the proposed XCBF CS, "certs" has type CertificateSet, 
which is defined as:

	CertificateSet ::= OCTET STRING

Line 1523 says:  "Any combination of X9.68 domain 
certificates, X.509 certificates and attribute certificates 
may be included in the CertificateSet type in any order."

It has just occurred to me that the text does not say how to 
combine multiple certificates in a single OCTET STRING.  

Should they be simply concatenated?




[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]