https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=2834
Graeme Lunt <graeme@xxxxxxxxxxx> changed:
What |Removed |Added
----------------------------------------------------------------------------
CC| |graeme@xxxxxxxxxxx
--- Comment #3 from Graeme Lunt <graeme@xxxxxxxxxxx> 2009-06-15 13:04:39 PDT ---
(In reply to comment #2)
> Created an attachment (id=2199)
--> (https://bugs.wireshark.org/bugzilla/attachment.cgi?id=2199) [details]
> Captured packet bearing the cert in question.
>
> I didn't save all frames which made up the cert; this capture file should fix
> that.
>
Hi,
I have looked at this bug and it would appear that either the definition you
suggest, or your example capture, are incorrect.
As I decode the certificate extension 2.5.29.3, it appears to contain three
nested SEQUENCES and not two before the OID of the certPolicyId. See below:
SEQUENCE
OID: 2.5.29.3 (id-ce-certificatePolicies)
OCTETSTRING [BER encoded]
SEQUENCE
SEQUENCE
SEQUENCE
OID: 2.16.840.1.113733.1.7.1.1
(joint-iso-itu-t.16.840.1.113733.1.7.1.1)
SEQUENCE
IA5String [truncated]: This certificate incorporates by
reference, and its use is strictly subject to, the VeriSign Certification
Practice Statement (CPS), available at: https://www.verisign.com/CPS; by E-mail
at CPS-requests@xxxxxxxxxxxx;
[CONTEXT 0]
OID: 2.16.840.1.113733.1.7.1.1.1
(joint-iso-itu-t.16.840.1.113733.1.7.1.1.1)
[CONTEXT 1]
OID: 2.16.840.1.113733.1.7.1.1.2
(joint-iso-itu-t.16.840.1.113733.1.7.1.1.2)
SEQUENCE
SEQUENCE
IA5String:
https://www.verisign.com/repository/CPS
Consequently it doesn't decode.
Can you shed any light?
Thanks,
Graeme
--
Configure bugmail: https://bugs.wireshark.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.