Rob: >> And if we interpret 5280 strictly and conclude that is still a >> good plan then the question would be what to do about the SCT >> encoding, which could be to do something hacky like prepending >> another OCTET STRING tag and a length I suppose, > > Stephen, RFC6962 does precisely that, and the current 6962-bis text aims to > do the same. > > Adding yet another OCTET STRING would turn it into an OCTET STRING inside an > OCTET STRING inside an OCTET STRING! > > I'd be surprised if Russ or Steve Kent would consider that to be any better > than the current plan (an OCTET STRING inside an OCTET STRING).
I will not speak for Steve Kent. But I do not think tat an extra OCTET STRING wrapping is the way to go. Sure, it would legalistically conform to the words in RFC 5280, but I think the straightforward use of ASN.1 would be better. Russ _______________________________________________ Trans mailing list [email protected] https://www.ietf.org/mailman/listinfo/trans
