Aha :-)
The fact, that the tag SET is part of a general definition of Attribute itself,
I overlooked.
Thank You for help.
Best regards
--kapetr
P.S. for "Jaroslav Imrich": Still waiting for answer from CA. Will report.
----- PŮVODNÍ ZPRÁVA -----
Od: "Jaroslav Imrich" <jaroslav.imr...@gmail.com>
Komu: openssl-users@openssl.org
Předmět: Re: id-smime-aa-signingCertificate - attribute definition
Datum: 22.1.2013 - 12:38:02
> RFC 2630 page 8:
>
> Attribute ::= SEQUENCE {
> attrType OBJECT IDENTIFIER,
> attrValues SET OF AttributeValue }
>
> --
> Kind Regards / S pozdravom
>
> Jaroslav Imrich
> http://www.jimrich.sk
>
>
> On Tue, Jan 22, 2013 at 10:25 AM, kapetr <kap...@mizera.cz> wrote:
> > Hello,
> >
> > I can not see it in RFC 2634 :-(
> >
> > There is only on page 47 (as discussed before)
> > id-aa-signingCertificate OBJECT IDENTIFIER
> >
> > and the attribute is defined as
> >
> > SigningCertificate ::= SEQUENCE {
> > certs SEQUENCE OF ESSCertID,
> > policies SEQUENCE OF PolicyInformation OPTIONAL
> > }
> >
> > But in the TS reply is it
> > id-smime-aa-signingCertificate
> >
> > and the attribute is SET or SET OF
> >
> > but the syntax and semantic of this definition is not there.
> >
> > E.g. (see the ????) :
> >
> > 607:d=7 hl=2 l= 43 cons: SEQUENCE == attribute
> > 609:d=8 hl=2 l= 11 prim: OBJECT
> > :id-smime-aa-signingCertificate
> > 622:d=8 hl=2 l= 28 cons: SET ==
> > ????????????????????????!!!
> > 624:d=9 hl=2 l= 26 cons: SEQUENCE == SigningCertificate
> > 626:d=10 hl=2 l= 24 cons: SEQUENCE == certs
> > 628:d=11 hl=2 l= 22 cons: SEQUENCE == ESSCertID
> > 630:d=12 hl=2 l= 20 prim: OCTET STRING [HEX
> > DUMP]:3DBB6DB5085C6DD5A1CA7F9CF84ECB1A3910CAC8
> >
> > Thanks
> >
> > --kapetr
> >
> >
> > ----- PŮVODNÍ ZPRÁVA -----
> > Od: "Jaroslav Imrich" <jaroslav.imr...@gmail.com>
> > Komu: openssl-users@openssl.org
> > Předmět: Re: id-smime-aa-signingCertificate - attribute definition
> > Datum: 21.1.2013 - 16:55:58
> >
> >> It is defined in RFC 2634.
> >>
> >> --
> >> Kind Regards / S pozdravom
> >>
> >> Jaroslav Imrich
> >> http://www.jimrich.sk
> >>
> >>
> >> On Wed, Jan 16, 2013 at 2:22 PM, kapetr <kap...@mizera.cz> wrote:
> >> > m sorry - I was blind ?! :-/
> >> >
> >> > The both ESSCertIDs are in same Signing Certificate entity.
> >> >
> >> > But -I'm still interesting to find RFC with def of
> >> > id-smime-aa-signingCertificate attribute type.
> >> >
> >> > Thanks.
> >> ______________________________________________________________________
> >> OpenSSL Project http://www.openssl.org
> >> User Support Mailing List openssl-users@openssl.org
> >> Automated List Manager majord...@openssl.org
> >>
> >
> > --
> > - - Reklama - - - - - - - - - - - - - -
> > Připravte se na svou speciální bojovou misi v cizích galaxiích: v DarkOrbit
> > Vás čekají akční vesmírné bitvy, nebezpeční vetřelci, neznámé fenomény a
> > napínavé mise! http://bit.ly/MweD6F
> >
> > ______________________________________________________________________
> > OpenSSL Project http://www.openssl.org
> > User Support Mailing List openssl-users@openssl.org
> > Automated List Manager majord...@openssl.org
> ______________________________________________________________________
> OpenSSL Project http://www.openssl.org
> User Support Mailing List openssl-users@openssl.org
> Automated List Manager majord...@openssl.org
>
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List openssl-users@openssl.org
Automated List Manager majord...@openssl.org
