> > RFC-2440 actually gives the exact bytes to use for the
> > ASN.1 stuff, which nicely cuts down on ambiguity.
>
> This amounts to *not* using ASN.1 - treating the ASN.1
> data as mere arbitrary padding bits, devoid of
> information content.
Again, not quite right. You have to do a memcmp() and make sure you've got the right arbitrary padding bits. Anyway, the attack applies even if you throw away the ASN.1 data.

William

---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]
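The memcmp()-style check William describes, written out as an added example (this code is not part of the thread and not from any of the posters): the verifier rebuilds the entire expected PKCS#1 v1.5 encoding, fixed-prefix DigestInfo bytes included, from the message and the modulus length, and compares it whole against the value recovered from the signature. The SHA-1 prefix bytes are the ones RFC 2440 lists for that hash; the modulus length, the sample message and the altered test values are constructed here for illustration, and the RSA operation itself is assumed to have already produced the k-byte value being checked.

```python
import hashlib
import hmac

# DigestInfo prefix for SHA-1, the fixed byte string RFC 2440 gives
# so that no ASN.1 parsing is needed on the verifying side.
SHA1_PREFIX = bytes([0x30, 0x21, 0x30, 0x09, 0x06, 0x05, 0x2B, 0x0E,
                     0x03, 0x02, 0x1A, 0x05, 0x00, 0x04, 0x14])


def expected_encoding(message: bytes, k: int) -> bytes:
    """Build the full k-byte encoding 0x00 0x01 || 0xFF..0xFF || 0x00 || prefix || H(m).

    Every byte is determined by the message and the modulus length k, so the
    verifier can construct the whole thing and never has to interpret
    whatever bytes the signer put there.
    """
    digest = hashlib.sha1(message).digest()
    t = SHA1_PREFIX + digest
    ps_len = k - len(t) - 3
    if ps_len < 8:
        raise ValueError("modulus too short for this encoding")
    return b"\x00\x01" + b"\xff" * ps_len + b"\x00" + t


def padding_matches(em: bytes, message: bytes, k: int) -> bool:
    """The memcmp()-style check: the recovered k-byte value must equal the
    expected encoding byte for byte. A constant-time compare is used so the
    comparison itself leaks nothing about where a mismatch occurred."""
    if len(em) != k:
        return False
    return hmac.compare_digest(em, expected_encoding(message, k))


if __name__ == "__main__":
    k = 128  # constructed: a 1024-bit modulus
    msg = b"constructed sample message"
    em = expected_encoding(msg, k)  # stands in for s^e mod n as k bytes
    print("well-formed value accepted:", padding_matches(em, msg, k))
    # Any deviation anywhere in the block fails, not just in the hash.
    altered = bytearray(em)
    altered[5] = 0x00  # constructed: one padding byte changed
    print("altered padding rejected:", not padding_matches(bytes(altered), msg, k))
    print("different message rejected:", not padding_matches(em, b"other", k))
```

Because the comparison covers all k bytes at once, a value that merely contains the right hash somewhere, or carries extra bytes before or after it, is rejected without the verifier having to reason about the structure of the padding or the ASN.1 data.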