Simon Josefsson <[EMAIL PROTECTED]> writes: >Test vectors for this second problem are as below, created by Yutaka OIWA.
To make this easier to work with, I've combined them into a PKCS #7 cert chain (attached). Just load/click on the chain and see what your app says. (As an aside, this chain is invalid for an entirely unrelated reason, so no standards-compliant PKI application should validate this chain even if the signature did check out. I wonder how many current apps will detect this? See, you don't even need PKCS #1 padding tricks to fool a PKI app... :-). Peter. [2. application/octet-stream; bad_chain.der]... --------------------------------------------------------------------- The Cryptography Mailing List Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]