[cryptography] preventing protocol failings

Peter Gutmann pgut001 at cs.auckland.ac.nz
Wed Jul 6 07:07:02 EDT 2011

I wrote:

>BER and DER are actually the safest encodings of the major security protocols
>I work with.

Based on the following, which just appeared on another list: 

  In contrast to RFC 5280,  X.509 does not require DER encoding. It only
  requires that the signature is generated across a DER encoded certificate,
  but the itself certificate may be encoded using BER.

  Should we add a sentence somewhere in X.509 and possibly in RFC 5280
  specifying that when verifying a signature a relying party shall decode and
  then encode the certificate in DER to verifying the signature?

may I amend my previous statement to insert "if used under correct adult
supervision" after the words "safest encodings".

Thank you.


More information about the cryptography mailing list