Details
-
Bug
-
Resolution: Fixed
-
P4
-
None
-
None
-
b03
Description
Of the PKCS#9 attributes we support, some of them are coded to the v1.1 revision of the specification. With RFC 2985 (PKCS#9 v2.0) some of these attributes had their encodings changed. We should update our code to conform to these newer definitions.
Of note:
* unstructuredName is currently (IA5String | PrintableString). It should be (IA5String | DirectoryString)
* unstructuredAddress is currently (PrintableString | T61String). It should be DirectoryString.
* signingTime currently only accepts UTCTime objects, but they can also come in as GeneralizedTime. The criteria for which time encoding to use depends on the date being encoded. We may choose to accept both encodings for all dates, or be more strict and enforce only the proper encoding for a given date.
There may be other discrepancies as well.
Of note:
* unstructuredName is currently (IA5String | PrintableString). It should be (IA5String | DirectoryString)
* unstructuredAddress is currently (PrintableString | T61String). It should be DirectoryString.
* signingTime currently only accepts UTCTime objects, but they can also come in as GeneralizedTime. The criteria for which time encoding to use depends on the date being encoded. We may choose to accept both encodings for all dates, or be more strict and enforce only the proper encoding for a given date.
There may be other discrepancies as well.
Attachments
Issue Links
- relates to
-
-
- Closed
-