Re: [CGA-EXT] Review of draft-ietf-csi-proxy-send

Thu, 04 Mar 2010 03:30:48 -0800 

Hi

|  -----Mensaje original-----
|  De: [email protected] [mailto:[email protected]] En nombre
de
|  Jari Arkko
|  Enviado el: viernes, 11 de diciembre de 2009 6:37
|  Para: Tony Cheneau
|  CC: [email protected]; [email protected]
|  Asunto: Re: [CGA-EXT] Review of draft-ietf-csi-proxy-send
|  
|  Tony,
|  
|  > The padding field is exactly defined this way in RFC 3971 (although a
|  > Pad Length field was present on the -04 version of the SEND draft). I
|  > think the draft-ietf-csi-proxy-send-01 document only reuses the format
|  > of the badly defined RSA Signature Option.
|  
|  Ah, OK.
|  
|  > If RFC 3971 was to be updated, I agree that a padding length field
|  > should be defined somewhere in the RSA (or XXX) Signature Option. Was
|  > there a rational behind its removal during the RFC 3971
|  > standardisation process ?
|  
|  I can't recall. Maybe this is one of the bugs that we need to fix. Or
|  perhaps there is a way to determine the lengths but neither of us can't
|  just see it right now. In any case, it should be clearly specified in
|  3971bis and the proxy-send drafts.

The length of the Digital Signature can be obtained from parsing the PKCS#1
v1.5 signature itself, which is coded in ASN.1 BER. 
Therefore, I have changed in draft-ietf-csi-proxy-send-02 the statement
saying:

"The length of the
        Digital Signature field is determined by the length of the RSA
        Signature option minus the length of the other fields (including
        the variable length Pad field.)

by
"The length of the Digital Signature field is determined by the ASN.1 BER
coding of the PKCS#1 v1.5 signature."

Then, I would still say that 
"The length of the padding field is determined by the length of the Proxy
Signature Option minus the length of the other fields."

Do you think this is correct?

Regards,
Alberto

|  
|  Jari
|  
|  _______________________________________________
|  CGA-EXT mailing list
|  [email protected]
|  https://www.ietf.org/mailman/listinfo/cga-ext

_______________________________________________
CGA-EXT mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/cga-ext

Reply via email to