Suggesting Correction In H.235
Lior Moscovici
Lior_Moscovici at VOCALTEC.COM
Wed Dec 31 04:23:29 EST 1997
There is a seeming inconsistency between the ASN.1 definition and section
10.3 in H.235:
CryptoToken::= CHOICE
{
cryptoEncryptedToken SEQUENCE ? General purpose/application specific
token
{
tokenOID OBJECT IDENTIFIER,
token ENCRYPTED { EncodedGeneralToken }
},
cryptoSignedToken SEQUENCE -- General purpose/application specific
token
{
tokenOID OBJECT IDENTIFIER,
token SIGNED { EncodedGeneralToken }
},
cryptoHashedToken SEQUENCE -- General purpose/application specific
token
{
tokenOID OBJECT IDENTIFIER,
hashedVals ClearToken,
token HASHED { EncodedGeneralToken }
},
cryptoPwdEncr ENCRYPTED { EncodedPwdCertToken },
...
}
According to section 10.3, additional choices for hashing and signature
password based are needed:
CryptoToken::= CHOICE
{
<OMITTED>
cryptoPwdEncr ENCRYPTED { EncodedPwdCertToken },
<-- ************ ADD THE FOLLOWING:****************>
hashedPwdEncr SEQUENCE
{
hashedTimeStamp TimeStamp,
token HASHED { EncodedPwdCertToken }
},
signedCertEncr SIGNED { EncodedPwdCertToken },
...
}
Alternatively, one could use the general purpose cryptoSignedToken and
cryptoHashedToken, but this is using non-standard (including an allocation
of tokenOIDs) means to implement standard features...
Lior.
More information about the sg16-avd
mailing list