On Sat, Sep 16, 2006 at 05:35:27AM +1200, Peter Gutmann wrote: > David Shaw <[EMAIL PROTECTED]> writes: > > >Incidentally, GPG does not attempt to parse the PKCS/ASN.1 data at all. > >Instead, it generates a new structure during signature verification and > >compares it to the original. > > How does it handle the NULL vs.optional parameters ambiguity?
GPG generates a new structure for each comparison, so just doesn't include any extra parameters on it. Any optional parameters on a signature would cause that signature to fail validation. RFC-2440 actually gives the exact bytes to use for the ASN.1 stuff, which nicely cuts down on ambiguity. David --------------------------------------------------------------------- The Cryptography Mailing List Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]
