Signature specification without certificates



Signatures are inambiguously specified when embedded in an X.509
certificate, as per the following ASN.1 defined in RFC 3280:

Certificate ::= SEQUENCE {
tbsCertificate TBSCertificate,
signatureAlgorithm AlgorithmIdentifier,
signatureValue BIT STRING
}

How does one specify signatures without using certificates? I guess one
could use a type like

SignatureInfo ::= SEQUENCE {
signatureAlgorithm AlgorithmIdentifier,
signatureValue BIT STRING
}

However, I have yet to find an RFC or some other standard in which such a
thing is discussed. Can anybody help?

.



Relevant Pages

  • Hacking PGP WoT onto X.509 systems
    ... Certificate Authorities providing the be-all end-all ... PGP users certify other users' keys by signing the corresponding uids, ... belongs to the owner specified in the certificate. ... Direct signatures: PGP signatures on the X.509 ...
    (sci.crypt)
  • Re: Signature specification without certificates
    ... certificate, as per the following ASN.1 defined in RFC 3280: ... For x9.59 financial transaction protocol I had to do ASN.1 ... specifications for digital signatures independent of certificates. ... A digital certificate oriented payment transaction was then appending ...
    (sci.crypt)
  • key usage question
    ... According to their "Key usage" property, the first one is for "Digital ... (which is not intended for digital signing according to its KeyUsage ... Do I need to check the certificate purpose before signing ... Can I consider these signatures as reliable, ...
    (microsoft.public.platformsdk.security)
  • Re: Verifying signed JARs in Java is crap!
    ... [Please remove signatures in replies.] ... can easily validate. ... As you use getType, the cast seems reasonable. ... (Signed with a root certificate from thawte ...
    (comp.lang.java.security)
  • Re: How to renew a certificate programmicaly
    ... Now, After I succeed in creating a renew request, I have a new problem with ... I want to define a template when the first certificate is issued by an RAO ... requires 1 signatures, ...
    (microsoft.public.platformsdk.security)