Dear list,
I have encountered a behavior difference between the CMS
routines in OpenSSL and the equivalent functionality in
another CMS implementation, and I wonder which is the
correct behavior.
I was examining a CMS signature made by someone else and
found that some implementations accepted
> So I am wondering what the officially correct behavior is
> when verifying such a case. Should the
> SignerInfo.issuerAndSerialNumber.issuer be treated as
> matching or as not matching a certificate in which an
> otherwise identical string is tagged differently but
> represents the same textual
On 02/10/2015 16:20, Jeffrey Walton wrote:
So I am wondering what the officially correct behavior is
when verifying such a case. Should the
SignerInfo.issuerAndSerialNumber.issuer be treated as
matching or as not matching a certificate in which an
otherwise identical string is tagged