> > 00 20 : Illegal DER, leading 00 not needed
> > 00 80 : Legal, leading 00 needed to make number positive
> > FF 03 : Legal, leading FF needed to make number negative
> > FF D0 : Illegal DER, FF not needed

> >     Note that these are all legal BER and are all perfectly valid and
> > meaningful integer encodings. DER, however, requires the
> > minimum number of
> > octets to be used.

> As rightfully pointed out by Peter Sylvester, in this respect BER is
> equivalent to DER as well.

        You are correct. For some reason, 8.3.2 prohibits using additional 
octets
in an integer encoding even in BER. I'm really not sure why, but that's a
fact.

        DS


______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
Development Mailing List                       openssl-dev@openssl.org
Automated List Manager                           [EMAIL PROTECTED]

Reply via email to