Re: ?ASN1 stuff
Hi,all. Sorry for my english. Please help me to clarify the using of the such ASN1 structure in RDNSequence and in SubjectDirectoryAttributes. Why do they have different ASN1 structure, if they play the same role but in different contexts. For what reason there is SET OF? OpenSSL always used only one SEQ in every SET. Why is it used?.If standart would omit, what effect this can has? RDNSequence : := SEQUENCE OF RelativeDistinguishedName RelativeDistinguishedName : := SET OF AttributeTypeAndValue AttributeTypeAndValue: := SEQUENCE { type AttributeType, value AttributeValue} SubjectDirectoryAttributes ::= SEQUENCE SIZE (1..MAX) OF Attribute Attribute ::= SEQUENCE { type Attributetype, valuesSET OF AttributeValue } Why SET OF is used exactly in this place instead of place of previous ASN1 Structure. By the way, does OpenSSL support of SubjectDirectoryAttributes extension?If not,In what the most painless way this can be done? __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager [EMAIL PROTECTED]
Re: ?ASN1 stuff
On Thu, Mar 03, 2005, Zerg wrote: Hi,all. Sorry for my english. Please help me to clarify the using of the such ASN1 structure in RDNSequence and in SubjectDirectoryAttributes. Why do they have different ASN1 structure, if they play the same role but in different contexts. For what reason there is SET OF? OpenSSL always used only one SEQ in every SET. OpenSSL does that because that's what the standards require. If it did anything else certificates wouldn't be compatible with other implementations. OpenSSL doesn't *always* use only one SET OF member it just usually does. There are ways of using more than one its just that in practice this is very rarely used. SubjectDirectoryAttributes ::= SEQUENCE SIZE (1..MAX) OF Attribute Attribute ::= SEQUENCE { type Attributetype, valuesSET OF AttributeValue } Why SET OF is used exactly in this place instead of place of previous ASN1 Structure. By the way, does OpenSSL support of SubjectDirectoryAttributes extension?If not,In what the most painless way this can be done? You'd have to ask the standards groups why they chose to do things that way. OpenSSL doesn't directly support that extension but you can add it using the mini-ASN1 compiler in 0.9.8. Steve. -- Dr Stephen N. Henson. Email, S/MIME and PGP keys: see homepage OpenSSL project core developer and freelance consultant. Funding needed! Details on homepage. Homepage: http://www.drh-consultancy.demon.co.uk __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager [EMAIL PROTECTED]
ASN1 stuff
Hi,all. Sorry for my english. Please help me to clarify the using of the such ASN1 structure in RDNSequence and in SubjectDirectoryAttributes. Why do they have different ASN1 structure, if they play the same role but in different contexts. For what reason there is SET OF? OpenSSL always used only one SEQ in every SET. Why is it used?.If standart would omit, what effect this can has? RDNSequence : := SEQUENCE OF RelativeDistinguishedName RelativeDistinguishedName : := SET OF AttributeTypeAndValue AttributeTypeAndValue: := SEQUENCE { type AttributeType, value AttributeValue} SubjectDirectoryAttributes ::= SEQUENCE SIZE (1..MAX) OF Attribute Attribute ::= SEQUENCE { type Attributetype, valuesSET OF AttributeValue } Why SET OF is used exactly in this place instead of place of previous ASN1 Structure. By the way, does OpenSSL support of SubjectDirectoryAttributes extension?If not,In what the most painless way this can be done? __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager [EMAIL PROTECTED]