signed applets (PKCS#7 in JAR files...)

Hans Schupp (schupp@darmstadt.gmd.de)
Wed, 10 Sep 1997 19:04:55 +0200

Date: Wed, 10 Sep 1997 19:04:55 +0200
From: Hans Schupp <schupp@darmstadt.gmd.de>
To: java-security@web2.javasoft.com
Subject: signed applets (PKCS#7 in JAR files...)

Hello everybody!

I just came across your example for signed applets (on page
http://java.sun.com/security/signExample/). The signature file in the
JAR package (dukesig.dsa) seems to be PKCS#7, you also made reference to
PKCS#7 elsewhere in the documents, I think...

The JAR package "signedWriteFile.jar" (the one available for download
from the web as well as the one I created by myself using your "doit"
script) contain a dukesig.dsa file, that bears quite some resemblance to
a PKCS#7 structure, but that not really IS one. The ObjectIdentifier is
not correct (1.2.840.1113549.1.7.x instead of 1.2.840.113549.1.7.x) and
all tags and OPTIONALs in the ASN.1 encoding are ignored...

I just wanted to ask, if this is a bug or a feature.

best regards, Hans

-- 
-------------------------------------------------------------------------------
 Hans Schupp, GMD - German National		eMail: schupp@darmstadt.gmd.de
 Research Center for Information Technology,	
 Institute for Telecooperation Technology	Tel:  +49-6151-869-715
 Dolivostrasse 15, D-64293 Darmstadt, GERMANY	Fax:  +49-6151-869-704