ITU-T recommendations for X.509v3 certificates

Richard Salz rsalz at
Tue Nov 6 23:17:11 EST 2007

> I'm looking for a halfway self-contained set of ITU-T recommendations
> which are relevant for implementing X.509v3 certificates.  The
> references in RFC 3280 appear to be incomplete; for instance, a
> reference for ASN.1 itself is missing.

The ITU/ISO ASN1 standards are available for free download; see

> Or is it unreasonable to expect that the specs match what is actually
> needed for interoperability with existing implementations (mostly in the
> TLS, S/MIME area)?

It's no worse than any other spec-vs-reality.  You're more likely to find 
issues with the IETF specs layered on top of ASN1 than with ASN1 itself.


STSM, DataPower Chief Programmer
WebSphere DataPower SOA Appliances

The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at

More information about the cryptography mailing list