Hiya, On 20/12/2023 14:46, Stephen Farrell wrote:
Hiya, On 20/12/2023 07:35, 朱文杰 wrote:Hello, After read RFC 5280, I have a question.For a CRL, if the version field is omitted, what is its default version? Is it v1?
Actually, sorry now I re-read the question, I probably gave the wrong answer;-) AFAIK, pretty much all CRLs used in the real world are v2 and hence have the version field present. If the version field is not present, then in theory that should be a v1 CRL, but in practice it's likely whomever made the CRL has a bug. And in case I got it wrong again, I've cc'd the list for the lamps WG this time:-) Cheers, S.
v2 I think, based on the text from appendix A: "TBSCertList ::= SEQUENCE { version Version OPTIONAL, -- if present, MUST be v2" Cheers, S. PS: the current best list for such questions is [1]. [1] https://www.ietf.org/mailman/listinfo/spasmI can't find any information about this in RFC 5280, also in RFC 2459 and 3280? Please help me solve this confusion. Sincerely thanks.
Attachment:
OpenPGP_0xE4D8E9F997A833DD.asc
Description: OpenPGP public key
Attachment:
OpenPGP_signature.asc
Description: OpenPGP digital signature
