[43502] in cryptography@c2.net mail archive
Re: A note on vendor reaction speed to the e=3 problem
daemon@ATHENA.MIT.EDU (David Shaw)
Fri Sep 15 18:59:21 2006
X-Original-To: cryptography@metzdowd.com
X-Original-To: cryptography@metzdowd.com
Date: Fri, 15 Sep 2006 14:22:39 -0400
From: David Shaw <dshaw@jabberwocky.com>
To: Peter Gutmann <pgut001@cs.auckland.ac.nz>
Cc: cryptography@metzdowd.com
Mail-Followup-To: Peter Gutmann <pgut001@cs.auckland.ac.nz>,
cryptography@metzdowd.com
In-Reply-To: <E1GOHb5-0001tE-00@medusa01.cs.auckland.ac.nz>
On Sat, Sep 16, 2006 at 05:35:27AM +1200, Peter Gutmann wrote:
> David Shaw <dshaw@jabberwocky.com> writes:
>
> >Incidentally, GPG does not attempt to parse the PKCS/ASN.1 data at all.
> >Instead, it generates a new structure during signature verification and
> >compares it to the original.
>
> How does it handle the NULL vs.optional parameters ambiguity?
GPG generates a new structure for each comparison, so just doesn't
include any extra parameters on it. Any optional parameters on a
signature would cause that signature to fail validation.
RFC-2440 actually gives the exact bytes to use for the ASN.1 stuff,
which nicely cuts down on ambiguity.
David
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo@metzdowd.com