Signature specification without certificates

From: "James H. Markowitz" <noone@xxxxxxxxxxx>
Date: Mon, 21 Sep 2009 17:11:40 +0000 (UTC)

Signatures are inambiguously specified when embedded in an X.509
certificate, as per the following ASN.1 defined in RFC 3280:

Certificate ::= SEQUENCE {
tbsCertificate TBSCertificate,
signatureAlgorithm AlgorithmIdentifier,
signatureValue BIT STRING
}

How does one specify signatures without using certificates? I guess one
could use a type like

SignatureInfo ::= SEQUENCE {
signatureAlgorithm AlgorithmIdentifier,
signatureValue BIT STRING
}

However, I have yet to find an RFC or some other standard in which such a
thing is discussed. Can anybody help?

.

Follow-Ups:
- Re: Signature specification without certificates
  - From: Anne & Lynn Wheeler
- Re: Signature specification without certificates
  - From: Tom St Denis
- Re: Signature specification without certificates
  - From: Bruce Stephens

Prev by Date: Re: What About LibTomCrypt?
Next by Date: Re: Signature specification without certificates
Previous by thread: What About LibTomCrypt?
Next by thread: Re: Signature specification without certificates
Index(es):
- Date
- Thread

Relevant Pages

Hacking PGP WoT onto X.509 systems
... Certificate Authorities providing the be-all end-all ... PGP users certify other users' keys by signing the corresponding uids, ... belongs to the owner specified in the certificate. ... Direct signatures: PGP signatures on the X.509 ...
(sci.crypt)
Re: Signature specification without certificates
... certificate, as per the following ASN.1 defined in RFC 3280: ... For x9.59 financial transaction protocol I had to do ASN.1 ... specifications for digital signatures independent of certificates. ... A digital certificate oriented payment transaction was then appending ...
(sci.crypt)
key usage question
... According to their "Key usage" property, the first one is for "Digital ... (which is not intended for digital signing according to its KeyUsage ... Do I need to check the certificate purpose before signing ... Can I consider these signatures as reliable, ...
(microsoft.public.platformsdk.security)
Re: Verifying signed JARs in Java is crap!
... [Please remove signatures in replies.] ... can easily validate. ... As you use getType, the cast seems reasonable. ... (Signed with a root certificate from thawte ...
(comp.lang.java.security)
Re: How to renew a certificate programmicaly
... Now, After I succeed in creating a renew request, I have a new problem with ... I want to define a template when the first certificate is issued by an RAO ... requires 1 signatures, ...
(microsoft.public.platformsdk.security)