Date: Wed, 10 Sep 1997 19:04:55 +0200
From: Hans Schupp <schupp@darmstadt.gmd.de>
To: java-security@web2.javasoft.com
Subject: signed applets (PKCS#7 in JAR files...)
Hello everybody!
I just came across your example for signed applets (on page
http://java.sun.com/security/signExample/). The signature file in the
JAR package (dukesig.dsa) seems to be PKCS#7, you also made reference to
PKCS#7 elsewhere in the documents, I think...
The JAR package "signedWriteFile.jar" (the one available for download
from the web as well as the one I created by myself using your "doit"
script) contain a dukesig.dsa file, that bears quite some resemblance to
a PKCS#7 structure, but that not really IS one. The ObjectIdentifier is
not correct (1.2.840.1113549.1.7.x instead of 1.2.840.113549.1.7.x) and
all tags and OPTIONALs in the ASN.1 encoding are ignored...
I just wanted to ask, if this is a bug or a feature.
best regards, Hans
-- ------------------------------------------------------------------------------- Hans Schupp, GMD - German National eMail: schupp@darmstadt.gmd.de Research Center for Information Technology, Institute for Telecooperation Technology Tel: +49-6151-869-715 Dolivostrasse 15, D-64293 Darmstadt, GERMANY Fax: +49-6151-869-704