ASN.1 accross revisions

Bancroft Scott baos at OSS.COM
Tue Jun 30 16:21:12 EDT 1998 

On Tue, 30 Jun 1998, Pete Cordell wrote:

> I admit that I am only just hanging in there with this debate, but I
> think I have a possible solution 5 to throw in as a contender.
>
> Looking at the problem a bit laterally, we have RasMessage in UDP
> packets that we want to sign, and H323-UserInformation in the UUIE that
> we want to sign.  Currently these are the only chunks of ASN.1 in these
> fields.
>
> We could add a second piece of ASN.1 into these fields (UDP packet and
> UUIE) that contains the signatures, such as:
>
> H323Extra ::= CHOICE
> {
>       icv     ICV,
>       ...
> }
>
> This would be a separate ASN.1 tree.  Therefore in a RAS UDP packet you
> would get:
>
>       RasMessage chunk of ASN.1
>       H323Extra chunk of ASN.1 typically containing signature
>
> Similarly in the UUIE, you would have
>
>       H323-UserInformation chunk of ASN.1
>       H323Extra chunk of ASN.1
>
> Note that all the key ids and time stamps etc., would remain in the
> RasMessage and H323-UserInformation parts (so they get signed).
>
> I agree this is not beautiful, but it does not require multiple ASN.1
> encodings, and doesn't radically change the format of the message
> depending on whether you want to sign it or not (as solution 4 seems
> to).

This crossed my mind a couple days ago, but it is not clear how this would
be backward compatible.  That is, how would an older version handle this
added information that comes after the H323-UserInformation?  I like the
general idea, but if I am not mistaken it is not backward compatible.

I have an idea as to how to do as you suggest in a backward compatible
manner, but before I go down that path I need to know the answer to
the question: Are the most recent implementations that know of H.323
required to transmit an ICV with each RasMessage or H323-UserInformation?

--------------------------------------------------------------------------
Bancroft Scott                                Toll Free    :1-888-OSS-ASN1
Open Systems Solutions, Inc.                  International:1-609-987-9073
baos at oss.com                                  Tech Support :1-732-249-5107
http://www.oss.com                            Fax          :1-732-249-4636

More information about the sg16-avd mailing list