[Docs] [txt|pdf] [Tracker] [WG] [Email] [Diff1] [Diff2] [Nits]

Versions: 00 01 02 03 04 05 06 07 08 09 10 11 12 13 14 15 RFC 4134

Internet Draft                              Editor: Paul Hoffman
draft-ietf-smime-examples-08.txt            Internet Mail Consortium
September 25, 2002
Expires in six months

                    Examples of S/MIME Messages

Status of this memo

Internet-Drafts are working documents of the Internet Engineering Task
Force (IETF), its areas, and its working groups.  Note that other
groups may also distribute working documents as Internet-Drafts.

Internet-Drafts are draft documents valid for a maximum of six months
and may be updated, replaced, or obsoleted by other documents at any
time.  It is inappropriate to use Internet- Drafts as reference
material or to cite them other than as "work in progress."

       The list of current Internet-Drafts can be accessed at
       http://www.ietf.org/ietf/1id-abstracts.txt

       The list of Internet-Draft Shadow Directories can be accessed at
       http://www.ietf.org/shadow.html.

This document is an Internet-Draft and is in full conformance with all
provisions of Section 10 of RFC2026.

Abstract

This document gives examples of message bodies formatted using S/MIME.
Specifically, it has examples of Cryptographic Message Syntax (CMS)
objects, S/MIME messages (including the MIME formatting), and Enhanced
Security Services for S/MIME (ESS). It includes examples of most or all
common CMS and ESS formats; in addition, it gives examples that show
common pitfalls in implementing CMS. The purpose of this document is to
help increase interoperability for S/MIME and other protocols that rely
on CMS.

1. Introduction

The examples in this document show the structure and format of CMS
message bodies, as described in [CMS]. They are useful to implementors
who use protocols that rely on CMS, such as the S/MIME message format
protocol. There are also examples of simple S/MIME messages [SMIME-MSG]
(including the MIME headers), and ESS messages [SMIME-ESS].

Every example in this document has been checked by two different
implementors. This strongly indicates (but does not assure) that the
examples are correct. All CMS implementors must read the CMS document
carefully before implementing from it. No one should use the examples
in this document as stand-alone explanations of how to create CMS
message bodies.

This document explicitly does not attempt to cover many PKIX [PKIX]
examples. Documents with examples of that format may be forthcoming.
Also, note that [DVCS], which covers PKIX Data Validation and
Certification Server Protocols, has examples of formats for its
protocol.

This draft is being discussed on the 'ietf-smime-examples' mailing list.
To join the list, send a message to ietf-smime-examples-request@imc.org
with the single word "subscribe" in the body of the message.  Also,
there is a Web site for the mailing list at
<http://www.imc.org/ietf-smime-examples/>. Note that S/MIME itself is
discussed in the IETF's S/MIME Working Group; see
<http://www.imc.org/ietf-smime/> for more information.

2. Contributions To This Document

The examples shown here will be created and validated by many different
people. In the example listings in Appendix B, there is a tag with the
initials of the creator of the example, and one or more tags for the
people who validated the example.

Some of the examples are of mis-implementations of CMS and ESS. That
is, if a developer reading the CMS or ESS specification created a
message body that was illegal, and another developer agreed that the
mis-reading was potentially a pitfall for later developers, that
message body is also included here. To make it clear which examples are
bad, they are all put into a single section of this document with
(hopefully) explicit headings.

To contribute an implementation of an unimplemented example listed in
this document, to verify that you got the same results as an example
listed here, or to suggest a new example that should be listed, please
contact the document author at the address listed near the end of the
document.

3. Constants Used in the Examples

This section defines the data used in the rest of the document. The names
of the constants indicate their use. For example, AlicePrivDSSSign is the
private part of Alice's DSS signing key.

   - Alice is the creator of the message bodies in this spec.

   - Bob is the recipient of the messages.

   - Carl is a CA.

   - Diane sometimes gets involved with these folks.

   - Erica also sometimes gets involved.

3.1 Content of documents

ExContent is the following sentence:
       This is some sample content.
That is, it is the string of characters starting with "T" up to and
including the ".".

The hex for ExContent is
5468 6973 2069 7320 736f 6d65 2073 616d 706c 6520 636f 6e74 656e 742e

The MD5 hash of ExContent is
9898 cac8 fab7 691f f89d c207 24e7 4a04

The SHA-1 hash of ExContent is
406a ec08 5279 ba6e 1602 2d9e 0629 c022 9687 dd48

3.2 Private Keys

The following private keys are needed to create the samples.
To find the public keys, see the certificates in the next section.

AlicePrivDSSSign =
     0 30  331: SEQUENCE {
     4 02    1:   INTEGER 0
     7 30  299:   SEQUENCE {
    11 06    7:     OBJECT IDENTIFIER dsa (1 2 840 10040 4 1)
              :       (ANSI X9.57 algorithm)
    20 30  286:     SEQUENCE {
    24 02  129:       INTEGER
              :         00 81 8D CD ED 83 EA 0A 9E 39 3E C2 48 28 A3 E4
              :         47 93 DD 0E D7 A8 0E EC 53 C5 AB 84 08 4F FF 94
              :         E1 73 48 7E 0C D6 F3 44 48 D1 FE 9F AF A4 A1 89
              :         2F E1 D9 30 C8 36 DE 3F 9B BF B7 4C DC 5F 69 8A
              :         E4 75 D0 37 0C 91 08 95 9B DE A7 5E F9 FC F4 9F
              :         2F DD 43 A8 8B 54 F1 3F B0 07 08 47 4D 5D 88 C3
              :         C3 B5 B3 E3 55 08 75 D5 39 76 10 C4 78 BD FF 9D
              :         B0 84 97 37 F2 E4 51 1B B5 E4 09 96 5C F3 7E 5B
              :         DB
   156 02   21:       INTEGER
              :         00 E2 47 A6 1A 45 66 B8 13 C6 DA 8F B8 37 21 2B
              :         62 8B F7 93 CD
   179 02  128:       INTEGER
              :         26 38 D0 14 89 32 AA 39 FB 3E 6D D9 4B 59 6A 4C
              :         76 23 39 04 02 35 5C F2 CB 1A 30 C3 1E 50 5D DD
              :         9B 59 E2 CD AA 05 3D 58 C0 7B A2 36 B8 6E 07 AF
              :         7D 8A 42 25 A7 F4 75 CF 4A 08 5E 4B 3E 90 F8 6D
              :         EA 9C C9 21 8A 3B 76 14 E9 CE 2E 5D A3 07 CD 23
              :         85 B8 2F 30 01 7C 6D 49 89 11 89 36 44 BD F8 C8
              :         95 4A 53 56 B5 E2 F9 73 EC 1A 61 36 1F 11 7F C2
              :         BD ED D1 50 FF 98 74 C2 D1 81 4A 60 39 BA 36 39
              :       }
              :     }
   310 04   23:   OCTET STRING, encapsulates {
   312 02   21:       INTEGER
              :         00 BB 44 46 D1 A5 C9 46 07 2E D0 FE 7A D6 92 07
              :         F0 9A 85 89 3F
              :       }
              :   }

AlicePrivRSASign =
     0 30  630: SEQUENCE {
     4 02    1:   INTEGER 0
     7 30   13:   SEQUENCE {
     9 06    9:     OBJECT IDENTIFIER rsaEncryption (1 2 840 113549 1 1 1)
              :       (PKCS #1)
    20 05    0:     NULL
              :     }
    22 04  608:   OCTET STRING, encapsulates {
    26 30  604:       SEQUENCE {
    30 02    1:         INTEGER 0
    33 02  129:         INTEGER
              :           00 E0 89 73 39 8D D8 F5 F5 E8 87 76 39 7F 4E B0
              :           05 BB 53 83 DE 0F B7 AB DC 7D C7 75 29 0D 05 2E
              :           6D 12 DF A6 86 26 D4 D2 6F AA 58 29 FC 97 EC FA
              :           82 51 0F 30 80 BE B1 50 9E 46 44 F1 2C BB D8 32
              :           CF C6 68 6F 07 D9 B0 60 AC BE EE 34 09 6A 13 F5
              :           F7 05 05 93 DF 5E BA 35 56 D9 61 FF 19 7F C9 81
              :           E6 F8 6C EA 87 40 70 EF AC 6D 2C 74 9F 2D FA 55
              :           3A B9 99 77 02 A6 48 52 8C 4E F3 57 38 57 74 57
              :           5F
   165 02    3:         INTEGER 65537
   170 02  128:         INTEGER
              :           00 A4 03 C3 27 47 76 34 34 6C A6 86 B5 79 49 01
              :           4B 2E 8A D2 C8 62 B2 C7 D7 48 09 6A 8B 91 F7 36
              :           F2 75 D6 E8 CD 15 90 60 27 31 47 35 64 4D 95 CD
              :           67 63 CE B4 9F 56 AC 2F 37 6E 1C EE 0E BF 28 2D
              :           F4 39 90 6F 34 D8 6E 08 5B D5 65 6A D8 41 F3 13
              :           D7 2D 39 5E FE 33 CB FF 29 E4 03 0B 3D 05 A2 8F
              :           B7 F1 8E A2 76 37 B0 79 57 D3 2F 2B DE 87 06 22
              :           7D 04 66 5E C9 1B AF 8B 1A C3 EC 91 44 AB 7F 21
   301 02   65:         INTEGER
              :           00 F6 D6 E0 22 21 4C 5F 0A 70 FF 27 FC E5 B3 50
              :           6A 9D E5 0F B5 85 96 C6 40 FA A8 0A B4 9B 9B 0C
              :           55 C2 01 1D F9 37 82 8A 14 C8 F2 93 0E 92 CD A5
              :           66 21 B9 3C D2 06 BF B4 55 31 C9 DC AD CA 98 2D
              :           D1
   368 02   65:         INTEGER
              :           00 E8 DE B0 11 25 09 D2 02 51 01 DE 8A E8 98 50
              :           F5 77 77 61 A4 45 93 6B 08 55 96 73 5D F4 C8 5B
              :           12 93 22 73 8B 7F D3 70 7F F5 A4 AA BB 74 FD 3C
              :           22 6A DA 38 91 2A 86 5B 6C 14 E8 AE 4C 9E FA 8E
              :           2F
   435 02   65:         INTEGER
              :           00 97 4C F0 87 9B 17 7F EE 1B 83 1B 14 B6 0B 6A
              :           90 5F 86 27 51 E1 B7 A0 7F F5 E4 88 E3 59 B9 F9
              :           1E 9B D3 29 77 38 22 48 D7 22 B1 25 98 BA 3D 59
              :           53 B7 FA 1E 20 B2 C8 51 16 23 75 93 51 E7 AB CD
              :           F1
   502 02   64:         INTEGER
              :           2C F0 24 5B FA A0 CD 85 22 EA D0 6E 4F FA 6C CD
              :           21 D3 C8 E4 F1 84 44 48 64 73 D7 29 8F 7E 46 8C
              :           EC 15 DE E4 51 B3 94 E7 2C 99 2D 55 65 7B 24 EA
              :           A3 62 1F 3E 6C 4D 67 41 11 3B E1 BE E9 83 02 83
   568 02   64:         INTEGER
              :           58 88 D9 A1 50 38 84 6A AB 03 BC BB DF 4B F4 9C
              :           6F B8 B4 2A 25 FB F6 E4 05 2F 6E E2 88 89 21 6F
              :           4B 25 9E D0 AB 50 93 CA BF 40 71 EC 21 25 C5 7F
              :           FB 02 E9 21 96 B8 33 CD E2 C6 95 EE 6F 8D 5F 28
              :         }
              :       }
              :   }

BobPrivDHEncrypt =
     0 30  355: SEQUENCE {
     4 02    1:   INTEGER 0
     7 30  312:   SEQUENCE {
    11 06    7:     OBJECT IDENTIFIER dhPublicNumber (1 2 840 10046 2 1)
              :       (ANSI X9.42 number-type)
    20 30  299:     SEQUENCE {
    24 02  129:       INTEGER
              :         00 EC 2C CD A4 EF 9A 26 2F 62 A7 BB 23 4D DF 2B
              :         25 C1 68 D2 9E A9 45 5B 36 F1 94 89 1A AF 7D 11
              :         24 9D 3D B9 3C 29 E8 D7 23 80 33 A6 9E 45 02 BB
              :         AA CC 9E 28 05 95 A0 B3 17 76 C1 F7 25 35 61 02
              :         41 92 27 0C 5E AE 48 E5 F3 6E 38 EF 91 D1 CF 37
              :         FE 9A 40 97 C8 2D 35 9E 9D 93 C6 F8 15 AF 3F DA
              :         74 3A B7 C4 93 B5 B9 BB 76 6C 1F A8 7E BC 3A AA
              :         43 0A 81 64 FC 63 F0 7B 71 98 FA C0 38 79 10 1A
              :         33
   156 02  129:       INTEGER
              :         00 BA 0B D7 74 3D E7 34 E5 4C 13 A7 95 96 BB F1
              :         E4 61 37 08 FB 12 C7 FB 9C 91 77 06 99 35 F0 48
              :         24 96 33 12 01 7E 8D EC 0B F6 B2 C0 63 A7 15 C5
              :         5E 95 86 A2 73 C5 49 46 37 79 60 FD 77 05 09 48
              :         9B 70 8D 3C 05 F6 CE 44 2C 7F 7D 1B 2B 15 DD F3
              :         05 2F BE 85 20 8F 8D F9 B4 A0 45 74 2B F4 3B 9D
              :         42 62 34 27 27 81 8E 6F 0F 5E 62 85 89 CC ED 21
              :         C3 91 70 06 54 EE 70 A8 92 55 5B 6E 19 22 4D 62
              :         A7
   288 02   33:       INTEGER
              :         00 C3 AB 4A 30 79 B3 D3 97 4E CA F5 A2 7D C7 70
              :         A3 45 F3 B3 A2 86 05 D2 3E 49 F9 9F D9 0A B3 BE
              :         BD
              :       }
              :     }
   323 04   34:   OCTET STRING, encapsulates {
   325 02   32:       INTEGER
              :         20 FC 67 82 EE CF 4A A6 C8 E5 83 D2 8C 3B 8A D2
              :         45 32 11 27 32 6C 86 EC 66 CA 71 AD F0 19 4D F7
              :       }
              :   }

BobPrivRSAEncrypt =
    0 30  645: SEQUENCE {
    4 02    1:   INTEGER 0
    7 30   13:   SEQUENCE {
    9 06    9:     OBJECT IDENTIFIER rsaEncryption (1 2 840 113549 1 1 1)
             :       (PKCS #1)
   20 05    0:     NULL
             :     }
   22 04  608:   OCTET STRING, encapsulates {
   26 30  604:       SEQUENCE {
   30 02    1:         INTEGER 0
   33 02  129:         INTEGER
             :           00 A9 E1 67 98 3F 39 D5 5F F2 A0 93 41 5E A6 79
             :           89 85 C8 35 5D 9A 91 5B FB 1D 01 DA 19 70 26 17
             :           0F BD A5 22 D0 35 85 6D 7A 98 66 14 41 5C CF B7
             :           B7 08 3B 09 C9 91 B8 19 69 37 6D F9 65 1E 7B D9
             :           A9 33 24 A3 7F 3B BB AF 46 01 86 36 34 32 CB 07
             :           03 59 52 FC 85 8B 31 04 B8 CC 18 08 14 48 E6 4F
             :           1C FB 5D 60 C4 E0 5C 1F 53 D3 7F 53 D8 69 01 F1
             :           05 F8 7A 70 D1 BE 83 C6 5F 38 CF 1C 2C AA 6A A7
             :           EB
  165 02    3:         INTEGER 65537
  170 02  128:         INTEGER
             :           67 CD 48 4C 9A 0D 8F 98 C2 1B 65 FF 22 83 9C 6D
             :           F0 A6 06 1D BC ED A7 03 88 94 F2 1C 6B 0F 8B 35
             :           DE 0E 82 78 30 CB E7 BA 6A 56 AD 77 C6 EB 51 79
             :           70 79 0A A0 F4 FE 45 E0 A9 B2 F4 19 DA 87 98 D6
             :           30 84 74 E4 FC 59 6C C1 C6 77 DC A9 91 D0 7C 30
             :           A0 A2 C5 08 5E 21 71 43 FC 0D 07 3D F0 FA 6D 14
             :           9E 4E 63 F0 17 58 79 1C 4B 98 1C 3D 3D B0 1B DF
             :           FA 25 3B A3 C0 2C 98 05 F6 10 09 D8 87 DB 03 19
  301 02   65:         INTEGER
             :           00 D0 C3 22 C6 DE A2 99 18 76 8F 8D BC A6 75 D6
             :           66 3F D4 8D 45 52 8C 76 F5 72 C4 EB F0 46 9A F1
             :           3E 5C AA 55 0B 9B DA DD 6B 6D F8 FC 3B 3C 08 43
             :           93 B5 5B FE CE EA FD 68 84 23 62 AF F3 31 C2 B9
             :           E5
  368 02   65:         INTEGER
             :           00 D0 51 FC 1E 22 B7 5B ED B5 8E 01 C8 D7 AB F2
             :           58 D4 F7 82 94 F3 53 A8 19 45 CB 66 CA 28 19 5F
             :           E2 10 2B F3 8F EC 6A 30 74 F8 4D 11 F4 A7 C4 20
             :           B5 47 21 DC 49 01 F9 0A 20 29 F0 24 08 84 60 7D
             :           8F
  435 02   64:         INTEGER
             :           34 BA 64 C9 48 28 57 74 D7 55 50 DE 6A 48 EF 1B
             :           2A 5A 1C 48 7B 1E 21 59 C3 60 3B 9B 97 A9 C0 EF
             :           18 66 A9 4E 62 52 38 84 CE E5 09 88 48 94 69 C5
             :           20 14 99 5A 57 FE 23 6C E4 A7 23 7B D0 80 B7 85
  501 02   65:         INTEGER
             :           00 9E 2F B3 37 9A FB 0B 06 5D 57 E1 09 06 A4 5D
             :           D9 90 96 06 05 5F 24 06 40 72 9C 3A 88 85 9C 87
             :           0F 9D 62 12 88 16 68 A8 35 1A 1B 43 E8 38 C0 98
             :           69 AF 03 0A 48 32 04 4E E9 0F 8F 77 7D 34 30 25
             :           07
  568 02   64:         INTEGER
             :           57 18 67 D6 0A D2 B5 AB C2 BA 7A E7 54 DA 9C 05
             :           4F 81 D4 EF 01 89 1E 32 3D 69 CB 31 C4 52 C8 54
             :           55 25 00 3B 1C 2A 7C 26 50 D5 E9 A6 D7 77 CB CF
             :           15 F5 EE 0B D5 8D EE B3 AF 4C A1 7C 63 46 41 F6
             :         }
             :       }
  634 A0   13:   [0] {
  636 30   11:     SEQUENCE {
  638 06    3:       OBJECT IDENTIFIER keyUsage (2 5 29 15)
             :         (X.509 id-ce (2 5 29))
  643 31    4:       SET {
  645 03    2:         BIT STRING 0 unused bits
             :           '00001000'B (bit 3)
             :           Error: Spurious zero bits in bitstring.
             :         }
             :       }
             :     }
             :   }

CarlPrivDSSSign =
     0 30  330: SEQUENCE {
     4 02    1:   INTEGER 0
     7 30  299:   SEQUENCE {
    11 06    7:     OBJECT IDENTIFIER dsa (1 2 840 10040 4 1)
              :       (ANSI X9.57 algorithm)
    20 30  286:     SEQUENCE {
    24 02  129:       INTEGER
              :         00 B6 49 18 3E 8A 44 C1 29 71 94 4C 01 C4 12 C1
              :         7A 79 CB 54 4D AB 1E 81 FB C6 4C B3 0E 94 09 06
              :         EB 01 D4 B1 C8 71 4B C7 45 C0 50 25 5D 9C FC DA
              :         E4 6D D3 E2 86 48 84 82 7D BA 15 95 4A 16 F6 46
              :         ED DD F6 98 D2 BB 7E 8A 0A 8A BA 16 7B B9 50 01
              :         48 93 8B EB 25 15 51 97 55 DC 8F 53 0E 10 A9 50
              :         FC 70 B7 CD 30 54 FD DA DE A8 AA 22 B5 A1 AF 8B
              :         CC 02 88 E7 8B 70 5F B9 AD E1 08 D4 6D 29 2D D6
              :         E9
   156 02   21:       INTEGER
              :         00 DD C1 2F DF 53 CE 0B 34 60 77 3E 02 A4 BF 8A
              :         5D 98 B9 10 D5
   179 02  128:       INTEGER
              :         0C EE 57 9B 4B BD DA B6 07 6A 74 37 4F 55 7F 9D
              :         ED BC 61 0D EB 46 59 3C 56 0B 2B 5B 0C 91 CE A5
              :         62 52 69 CA E1 6D 3E BD BF FE E1 B7 B9 2B 61 3C
              :         AD CB AE 45 E3 06 AC 8C 22 9D 9C 44 87 0B C7 CD
              :         F0 1C D9 B5 4E 5D 73 DE AF 0E C9 1D 5A 51 F5 4F
              :         44 79 35 5A 73 AA 7F 46 51 1F A9 42 16 9C 48 EB
              :         8A 79 61 B4 D5 2F 53 22 44 63 1F 86 B8 A3 58 06
              :         25 F8 29 C0 EF BA E0 75 F0 42 C4 63 65 52 9B 0A
              :       }
              :     }
   310 04   22:   OCTET STRING, encapsulates {
   312 02   20:       INTEGER
              :         19 B3 38 A5 21 62 31 50 E5 7F B9 3E 08 46 78 D1
              :         3E B5 E5 72
              :       }
              :   }

CarlPrivRSASign  =
     0 30  630: SEQUENCE {
     4 02    1:   INTEGER 0
     7 30   13:   SEQUENCE {
     9 06    9:     OBJECT IDENTIFIER rsaEncryption (1 2 840 113549 1 1 1)
              :       (PKCS #1)
    20 05    0:     NULL
              :     }
    22 04  608:   OCTET STRING, encapsulates {
    26 30  604:       SEQUENCE {
    30 02    1:         INTEGER 0
    33 02  129:         INTEGER
              :           00 E4 4B FF 18 B8 24 57 F4 77 FF 6E 73 7B 93 71
              :           5C BC 33 1A 92 92 72 23 D8 41 46 D0 CD 11 3A 04
              :           B3 8E AF 82 9D BD 51 1E 17 7A F2 76 2C 2B 86 39
              :           A7 BD D7 8D 1A 53 EC E4 00 D5 E8 EC A2 36 B1 ED
              :           E2 50 E2 32 09 8A 3F 9F 99 25 8F B8 4E AB B9 7D
              :           D5 96 65 DA 16 A0 C5 BE 0E AE 44 5B EF 5E F4 A7
              :           29 CB 82 DD AC 44 E9 AA 93 94 29 0E F8 18 D6 C8
              :           57 5E F2 76 C4 F2 11 60 38 B9 1B 3C 1D 97 C9 6A
              :           F1
   165 02    3:         INTEGER 65537
   170 02  129:         INTEGER
              :           00 AE 73 E4 5B 5F 5B 66 5A C9 D7 C6 EF 38 5F 53
              :           21 2A 2F 62 FE DE 29 9A 7A 86 67 36 E7 7D 62 78
              :           75 3D 73 A0 BC 29 0E F3 8F BD C3 C9 C9 B6 F8 BA
              :           D6 13 9B C3 97 7A CA 6A F0 B8 85 65 4E 0F BD A7
              :           A8 F7 54 06 41 BD EB DC 20 77 90 DF 61 9B 9A 6F
              :           74 DE EA 3B D4 9C 87 60 ED 76 84 F1 6A 30 37 D5
              :           E0 90 16 F8 80 47 C3 19 6B ED 75 77 BA 4A ED 39
              :           B6 5D 02 47 3B 5F 1B C8 1C AB CB E8 F5 26 3F A4
              :           81
   302 02   65:         INTEGER
              :           00 FF DF 09 A0 56 0B 42 52 9E C4 4D 93 B3 B0 49
              :           BB DE E7 81 7D 28 99 D0 B1 48 BA 0B 39 E1 1C 7B
              :           22 18 33 B6 40 F6 BF DC AE 1D D0 A1 AD 04 71 5A
              :           61 0A 6E 3B CE 30 DA 36 9F 65 25 29 BB A7 0E 7F
              :           0B
   369 02   65:         INTEGER
              :           00 E4 69 68 18 5F F9 57 D0 7C 66 89 0F BA 63 1D
              :           72 CB 20 A4 81 76 64 89 CD 7D D1 C2 27 A9 2E AC
              :           7A 56 9A 85 07 D9 30 03 A3 03 AB 7F 88 92 50 24
              :           01 AA 1B 07 1F 20 4C B7 C9 7B 56 F7 B6 C2 7E AB
              :           73
   436 02   64:         INTEGER
              :           57 36 6C 8F 8C 04 76 6C B6 D4 EE 24 44 00 F8 80
              :           E2 AF 42 01 A9 0F 14 84 F8 E7 00 E0 8F 8C 27 A4
              :           2D 5F A2 E5 6D B5 63 C0 AD 44 E9 76 91 A7 19 49
              :           2E 46 F8 77 85 4B 3B 87 04 F0 AF D2 D8 54 26 95
   502 02   64:         INTEGER
              :           64 A1 0F AC 55 74 1B BD 0D 61 7B 17 03 CD B0 E6
              :           A7 19 1D 80 AF F1 41 48 D8 1A B6 88 14 A0 2C 7A
              :           C5 76 D4 0F 0E 1F 7A 2A B2 6E 37 04 AB 39 45 73
              :           BA 46 A8 0F 8D 82 5F 22 14 05 CF A2 A3 F3 7C 83
   568 02   64:         INTEGER
              :           26 1E 1D 1C A1 98 2B E4 DB 38 E8 57 6E 6B 73 19
              :           88 61 3A FA 74 4A 36 8B 47 68 5D 50 EB 26 E3 EA
              :           7D 9B 4E 65 A9 AF 7B AB 4B 2E 76 51 3D A8 D0 11
              :           AB A3 D6 A8 C0 27 36 1D 54 0B AA A7 D1 6D 8D FA
              :         }
              :       }
              :   }

DianePrivDHEncrypt =
     0 30  354: SEQUENCE {
     4 02    1:   INTEGER 0
     7 30  311:   SEQUENCE {
    11 06    7:     OBJECT IDENTIFIER dhPublicNumber (1 2 840 10046 2 1)
              :       (ANSI X9.42 number-type)
    20 30  298:     SEQUENCE {
    24 02  129:       INTEGER
              :         00 CA 6E 91 C2 B0 BD A8 58 F2 31 21 74 BB 1F E4
              :         10 BD D0 93 A2 7E 61 E1 3D BA 23 04 16 D0 66 39
              :         BD 3B CD 05 74 48 F1 03 70 95 F4 05 63 6D 2E BF
              :         9A B7 FF 97 FF 39 BB 63 DB 4D A4 71 D8 94 9A B4
              :         F2 8A 3D 9F B7 5D 8D CA E2 AF B5 0F CF 05 65 82
              :         68 6E 43 D2 F4 04 5F 03 8B F9 50 F5 C8 6C 05 26
              :         BC BF 36 0F 5C C3 51 6A 67 E8 75 32 66 78 91 63
              :         E8 FE 34 E7 19 B6 70 6C 78 38 36 82 D2 34 36 C2
              :         DF
   156 02  128:       INTEGER
              :         6E D6 76 36 4B E4 59 07 57 5F 18 9A 10 D2 31 5C
              :         A6 10 B0 26 96 42 4D 7C A3 A1 D3 9E A5 80 B2 1F
              :         37 11 49 7C 8A 99 D8 56 3F 93 51 ED 6E 54 FB 6E
              :         DB B2 FC 34 C0 E7 CA 1E 58 2B D5 3D 3B DC AE 71
              :         21 D9 3B 56 B8 A7 F6 4D 22 52 5F 41 BA D5 1E 82
              :         69 6C DD 70 71 CC 6C 3B EF 84 A9 71 8B A9 3B 2A
              :         09 F8 BD FD CB 51 BC 2E 2E CA 3E 30 8C FA 54 9E
              :         7D 0D 03 E2 DF 63 62 6D F3 50 82 27 DC D1 99 F7
   287 02   33:       INTEGER
              :         00 AA 05 65 FB DD 4E A8 02 F1 34 39 E7 A3 FC 7D
              :         46 10 B8 5D F0 2E F2 C5 D1 5E A2 74 4C DA 0F 4E
              :         1F
              :       }
              :     }
   322 04   34:   OCTET STRING, encapsulates {
   324 02   32:       INTEGER
              :         58 2E 89 AB 57 34 7D 3C F5 9A 75 CB 7D 99 8A 19
              :         2F 3C 7A A6 85 C9 2F 1B 5A 47 03 E3 82 16 E4 9B
              :       }
              :   }

DianePrivDSSSign =
     0 30  331: SEQUENCE {
     4 02    1:   INTEGER 0
     7 30  299:   SEQUENCE {
    11 06    7:     OBJECT IDENTIFIER dsa (1 2 840 10040 4 1)
              :       (ANSI X9.57 algorithm)
    20 30  286:     SEQUENCE {
    24 02  129:       INTEGER
              :         00 B6 49 18 3E 8A 44 C1 29 71 94 4C 01 C4 12 C1
              :         7A 79 CB 54 4D AB 1E 81 FB C6 4C B3 0E 94 09 06
              :         EB 01 D4 B1 C8 71 4B C7 45 C0 50 25 5D 9C FC DA
              :         E4 6D D3 E2 86 48 84 82 7D BA 15 95 4A 16 F6 46
              :         ED DD F6 98 D2 BB 7E 8A 0A 8A BA 16 7B B9 50 01
              :         48 93 8B EB 25 15 51 97 55 DC 8F 53 0E 10 A9 50
              :         FC 70 B7 CD 30 54 FD DA DE A8 AA 22 B5 A1 AF 8B
              :         CC 02 88 E7 8B 70 5F B9 AD E1 08 D4 6D 29 2D D6
              :         E9
   156 02   21:       INTEGER
              :         00 DD C1 2F DF 53 CE 0B 34 60 77 3E 02 A4 BF 8A
              :         5D 98 B9 10 D5
   179 02  128:       INTEGER
              :         0C EE 57 9B 4B BD DA B6 07 6A 74 37 4F 55 7F 9D
              :         ED BC 61 0D EB 46 59 3C 56 0B 2B 5B 0C 91 CE A5
              :         62 52 69 CA E1 6D 3E BD BF FE E1 B7 B9 2B 61 3C
              :         AD CB AE 45 E3 06 AC 8C 22 9D 9C 44 87 0B C7 CD
              :         F0 1C D9 B5 4E 5D 73 DE AF 0E C9 1D 5A 51 F5 4F
              :         44 79 35 5A 73 AA 7F 46 51 1F A9 42 16 9C 48 EB
              :         8A 79 61 B4 D5 2F 53 22 44 63 1F 86 B8 A3 58 06
              :         25 F8 29 C0 EF BA E0 75 F0 42 C4 63 65 52 9B 0A
              :       }
              :     }
   310 04   23:   OCTET STRING, encapsulates {
   312 02   21:       INTEGER
              :         00 96 95 F9 E0 C1 E0 41 2D 32 0F 8B 42 52 93 2A
              :         E6 1E 0E 21 29
              :       }
              :   }

DianePrivRSASignEncrypt =
     0 30  631: SEQUENCE {
     4 02    1:   INTEGER 0
     7 30   13:   SEQUENCE {
     9 06    9:     OBJECT IDENTIFIER rsaEncryption (1 2 840 113549 1 1 1)
              :       (PKCS #1)
    20 05    0:     NULL
              :     }
    22 04  609:   OCTET STRING, encapsulates {
    26 30  605:       SEQUENCE {
    30 02    1:         INTEGER 0
    33 02  129:         INTEGER
              :           00 D6 FD B8 C0 70 C6 4C 25 EC EA CF EA 7C BB A2
              :           62 FA F0 E6 32 3A 53 FF B1 92 5A 17 F4 20 E1 99
              :           24 82 0A D0 F6 7C FB 44 CA 8B 27 06 F1 7E 26 03
              :           A9 76 9D CF EC A0 2C 70 96 F2 83 42 F6 D4 B7 28
              :           0A BB F8 BF 4A 4C 19 3F 07 DB A0 C1 60 1E B7 7E
              :           67 F7 DE B1 C3 60 49 AC 45 D7 F8 C6 EF 08 37 21
              :           93 47 EE F0 73 35 72 B0 02 C4 F3 11 C3 5E 47 E5
              :           0A B7 83 F1 DB 74 69 64 8B 44 1D 95 5D CD 28 C0
              :           85
   165 02    3:         INTEGER 65537
   170 02  128:         INTEGER
              :           3D BD CD C2 0E 61 14 5B 4B E7 BF 60 23 04 2B C5
              :           6B 35 A5 96 45 23 FC 69 7D 93 3C 0F D3 25 96 BA
              :           62 52 42 E2 96 CF FE 58 80 8F EB B1 8C BD D4 0D
              :           65 D0 3A 77 45 24 9E 0C EB 86 80 C3 AC 21 11 71
              :           44 E3 B2 A8 A9 2E AC 17 D2 A3 84 25 63 B5 BC 2F
              :           1E DD F6 21 FF 15 20 24 5B F1 80 2F D5 41 0E 32
              :           24 F7 D4 4A 32 9E B9 49 D8 19 8E 3F 39 8D 62 BD
              :           80 FC 0C 24 92 93 E4 C3 D7 05 91 53 BB 96 B6 41
   301 02   65:         INTEGER
              :           00 F3 B8 3F 4A D1 94 B0 91 60 13 41 92 0D 8D 44
              :           3F 77 1D FF 96 23 44 08 D4 0B 70 C9 1A AF E9 90
              :           94 F2 B0 D5 5F 4F 19 85 50 A1 90 91 AE BD 05 76
              :           52 B3 22 D8 A8 7C 8E 54 7F 00 72 4F 36 75 68 73
              :           B5
   368 02   65:         INTEGER
              :           00 E1 D2 E7 11 57 06 AE 72 95 22 16 AA 02 B4 5A
              :           ED 4E 9D 82 11 4F 96 3C 86 C9 10 8D 56 7B 31 75
              :           79 69 E7 75 68 38 00 4B 2E D2 26 32 DD B1 E2 E0
              :           2C 54 80 0A 75 BA D1 66 96 1B B0 0E A0 7E D2 BB
              :           91
   435 02   65:         INTEGER
              :           00 AF B6 BC DB 22 73 43 41 EC B4 B5 67 A9 A1 99
              :           FC EF D2 8E FD 1D FB E5 29 8B FE 0A DF D4 C8 5E
              :           57 25 0A 5D 2B D4 09 A0 56 5B C5 B1 62 FC 20 BE
              :           08 2D E3 07 B5 A1 E7 B3 FF C4 C0 A5 5F AC 12 5C
              :           A9
   502 02   65:         INTEGER
              :           00 B9 98 41 FC 08 50 1F 73 60 8A 01 A2 7C 52 8A
              :           20 5A EA 2C 89 D9 A5 19 DD 94 C6 1B C3 25 C0 82
              :           51 E4 EE 2B 9A 19 DC 73 ED E9 1D 27 D4 F8 6C 03
              :           DD AB 1D 08 7B B5 AC 7F E9 82 9B F1 89 8A 71 DB
              :           61
   569 02   64:         INTEGER
              :           01 07 21 97 5F 7A 60 A8 FD 5A 5C 07 DF A8 DE F7
              :           E2 B1 34 7D FC EB 91 BD B0 73 74 C8 C4 BE 3F 58
              :           45 30 06 90 B3 AC 69 CC B3 F7 3F 7C AC C7 B8 1B
              :           65 A1 16 39 39 B0 E3 74 7D CF CD C5 AC 6C BF E5
              :         }
              :       }
              :   }

EricaPrivDHEncryptBobParam =
     0 30  355: SEQUENCE {
     4 02    1:   INTEGER 0
     7 30  312:   SEQUENCE {
    11 06    7:     OBJECT IDENTIFIER dhPublicNumber (1 2 840 10046 2 1)
              :       (ANSI X9.42 number-type)
    20 30  299:     SEQUENCE {
    24 02  129:       INTEGER
              :         00 EC 2C CD A4 EF 9A 26 2F 62 A7 BB 23 4D DF 2B
              :         25 C1 68 D2 9E A9 45 5B 36 F1 94 89 1A AF 7D 11
              :         24 9D 3D B9 3C 29 E8 D7 23 80 33 A6 9E 45 02 BB
              :         AA CC 9E 28 05 95 A0 B3 17 76 C1 F7 25 35 61 02
              :         41 92 27 0C 5E AE 48 E5 F3 6E 38 EF 91 D1 CF 37
              :         FE 9A 40 97 C8 2D 35 9E 9D 93 C6 F8 15 AF 3F DA
              :         74 3A B7 C4 93 B5 B9 BB 76 6C 1F A8 7E BC 3A AA
              :         43 0A 81 64 FC 63 F0 7B 71 98 FA C0 38 79 10 1A
              :         33
   156 02  129:       INTEGER
              :         00 BA 0B D7 74 3D E7 34 E5 4C 13 A7 95 96 BB F1
              :         E4 61 37 08 FB 12 C7 FB 9C 91 77 06 99 35 F0 48
              :         24 96 33 12 01 7E 8D EC 0B F6 B2 C0 63 A7 15 C5
              :         5E 95 86 A2 73 C5 49 46 37 79 60 FD 77 05 09 48
              :         9B 70 8D 3C 05 F6 CE 44 2C 7F 7D 1B 2B 15 DD F3
              :         05 2F BE 85 20 8F 8D F9 B4 A0 45 74 2B F4 3B 9D
              :         42 62 34 27 27 81 8E 6F 0F 5E 62 85 89 CC ED 21
              :         C3 91 70 06 54 EE 70 A8 92 55 5B 6E 19 22 4D 62
              :         A7
   288 02   33:       INTEGER
              :         00 C3 AB 4A 30 79 B3 D3 97 4E CA F5 A2 7D C7 70
              :         A3 45 F3 B3 A2 86 05 D2 3E 49 F9 9F D9 0A B3 BE
              :         BD
              :       }
              :     }
   323 04   34:   OCTET STRING, encapsulates {
   325 02   32:       INTEGER
              :         48 64 11 E4 17 01 12 E6 C1 D3 9C 70 7D 7C A6 97
              :         95 BD C8 95 07 F7 CF 41 11 A7 13 91 FB 30 3D 8C
              :       }
              :   }

MailListTripleDES =
255e 0d1c 07b6 46df b313 4cc8 43ba 8aa7 1f02 5b7c 0838 251f

MailListRC2 =
b70a 25fb c9d8 6a86 050c e0d7 11ea d4d9

3.3 Certificates

Note that Bob's and Diane's Diffie-Hellman encryption keys do *not*
share Diffie-Hellman parameters; however, Bob and Erica share Diffie-
Hellman parameters.

AliceDSSSignByCarlNoInherit =
     0 30  734: SEQUENCE {
     4 30  669:   SEQUENCE {
     8 A0    3:     [0] {
    10 02    1:       INTEGER 2
              :       }
    13 02    2:     INTEGER 200
    17 30    9:     SEQUENCE {
    19 06    7:       OBJECT IDENTIFIER dsaWithSha1 (1 2 840 10040 4 3)
              :         (ANSI X9.57 algorithm)
              :       }
    28 30   18:     SEQUENCE {
    30 31   16:       SET {
    32 30   14:         SEQUENCE {
    34 06    3:           OBJECT IDENTIFIER commonName (2 5 4 3)
              :             (X.520 id-at (2 5 4))
    39 13    7:           PrintableString 'CarlDSS'
              :           }
              :         }
              :       }
    48 30   30:     SEQUENCE {
    50 17   13:       UTCTime '990817011049Z'
    65 17   13:       UTCTime '391231235959Z'
              :       }
    80 30   19:     SEQUENCE {
    82 31   17:       SET {
    84 30   15:         SEQUENCE {
    86 06    3:           OBJECT IDENTIFIER commonName (2 5 4 3)
              :             (X.520 id-at (2 5 4))
    91 13    8:           PrintableString 'AliceDSS'
              :           }
              :         }
              :       }
   101 30  438:     SEQUENCE {
   105 30  299:       SEQUENCE {
   109 06    7:         OBJECT IDENTIFIER dsa (1 2 840 10040 4 1)
              :           (ANSI X9.57 algorithm)
   118 30  286:         SEQUENCE {
   122 02  129:           INTEGER
              :             00 81 8D CD ED 83 EA 0A 9E 39 3E C2 48 28 A3 E4
              :             47 93 DD 0E D7 A8 0E EC 53 C5 AB 84 08 4F FF 94
              :             E1 73 48 7E 0C D6 F3 44 48 D1 FE 9F AF A4 A1 89
              :             2F E1 D9 30 C8 36 DE 3F 9B BF B7 4C DC 5F 69 8A
              :             E4 75 D0 37 0C 91 08 95 9B DE A7 5E F9 FC F4 9F
              :             2F DD 43 A8 8B 54 F1 3F B0 07 08 47 4D 5D 88 C3
              :             C3 B5 B3 E3 55 08 75 D5 39 76 10 C4 78 BD FF 9D
              :             B0 84 97 37 F2 E4 51 1B B5 E4 09 96 5C F3 7E 5B
              :             DB
   254 02   21:           INTEGER
              :             00 E2 47 A6 1A 45 66 B8 13 C6 DA 8F B8 37 21 2B
              :             62 8B F7 93 CD
   277 02  128:           INTEGER
              :             26 38 D0 14 89 32 AA 39 FB 3E 6D D9 4B 59 6A 4C
              :             76 23 39 04 02 35 5C F2 CB 1A 30 C3 1E 50 5D DD
              :             9B 59 E2 CD AA 05 3D 58 C0 7B A2 36 B8 6E 07 AF
              :             7D 8A 42 25 A7 F4 75 CF 4A 08 5E 4B 3E 90 F8 6D
              :             EA 9C C9 21 8A 3B 76 14 E9 CE 2E 5D A3 07 CD 23
              :             85 B8 2F 30 01 7C 6D 49 89 11 89 36 44 BD F8 C8
              :             95 4A 53 56 B5 E2 F9 73 EC 1A 61 36 1F 11 7F C2
              :             BD ED D1 50 FF 98 74 C2 D1 81 4A 60 39 BA 36 39
              :           }
              :         }
   408 03  132:       BIT STRING 0 unused bits, encapsulates {
   412 02  128:           INTEGER
              :             5C E3 B9 5A 75 14 96 0B A9 7A DD E3 3F A9 EC AC
              :             5E DC BD B7 13 11 34 A6 16 89 28 11 23 D9 34 86
              :             67 75 75 13 12 3D 43 5B 6F E5 51 BF FA 89 F2 A2
              :             1B 3E 24 7D 3D 07 8D 5B 63 C8 BB 45 A5 A0 4A E3
              :             85 D6 CE 06 80 3F E8 23 7E 1A F2 24 AB 53 1A B8
              :             27 0D 1E EF 08 BF 66 14 80 5C 62 AC 65 FA 15 8B
              :             F1 BB 34 D4 D2 96 37 F6 61 47 B2 C4 32 84 F0 7E
              :             41 40 FD 46 A7 63 4E 33 F2 A5 E2 F4 F2 83 E5 B8
              :           }
              :       }
   543 A3  131:     [3] {
   546 30  128:       SEQUENCE {
   549 30   32:         SEQUENCE {
   551 06    3:           OBJECT IDENTIFIER subjectAltName (2 5 29 17)
              :             (X.509 id-ce (2 5 29))
   556 04   25:           OCTET STRING, encapsulates {
   558 30   23:               SEQUENCE {
   560 81   21:                 [1] 'aliceDss@examples.com'
              :                 }
              :               }
              :           }
   583 30   12:         SEQUENCE {
   585 06    3:           OBJECT IDENTIFIER basicConstraints (2 5 29 19)
              :             (X.509 id-ce (2 5 29))
   590 01    1:           BOOLEAN TRUE
   593 04    2:           OCTET STRING, encapsulates {
   595 30    0:               SEQUENCE {}
              :               }
              :           }
   597 30   14:         SEQUENCE {
   599 06    3:           OBJECT IDENTIFIER keyUsage (2 5 29 15)
              :             (X.509 id-ce (2 5 29))
   604 01    1:           BOOLEAN TRUE
   607 04    4:           OCTET STRING, encapsulates {
   609 03    2:               BIT STRING 6 unused bits
              :                 '11'B
              :               }
              :           }
   613 30   31:         SEQUENCE {
   615 06    3:           OBJECT IDENTIFIER authorityKeyIdentifier (2 5 29 35)
              :             (X.509 id-ce (2 5 29))
   620 04   24:           OCTET STRING, encapsulates {
   622 30   22:               SEQUENCE {
   624 80   20:                 [0]
              :                   70 44 3E 82 2E 6F 87 DE 4A D3 75 E3
3D 20 BC 43
              :                   2B 93 F1 1F
              :                 }
              :               }
              :           }
   646 30   29:         SEQUENCE {
   648 06    3:           OBJECT IDENTIFIER subjectKeyIdentifier (2 5 29 14)
              :             (X.509 id-ce (2 5 29))
   653 04   22:           OCTET STRING
              :             04 14 BE 6C A1 B3 E3 C1 F7 ED 43 70 A4 CE 13 01
              :             E2 FD E3 97 FE CD
              :           }
              :         }
              :       }
              :     }
   677 30    9:   SEQUENCE {
   679 06    7:     OBJECT IDENTIFIER dsaWithSha1 (1 2 840 10040 4 3)
              :       (ANSI X9.57 algorithm)
              :     }
   688 03   48:   BIT STRING 0 unused bits, encapsulates {
   691 30   45:       SEQUENCE {
   693 02   21:         INTEGER
              :           00 98 B0 C6 3F CF 71 47 5A 35 A9 4A 8F C0 F8 24
              :           05 E8 46 94 8E
   716 02   20:         INTEGER
              :           5B 9F 48 C0 8C A1 C1 02 9C 44 EA E9 A1 87 C1 A5
              :           7F 28 2D BB
              :         }
              :       }
              :   }

AliceRSASignByCarl =
     0 30  522: SEQUENCE {
     4 30  371:   SEQUENCE {
     8 A0    3:     [0] {
    10 02    1:       INTEGER 2
              :       }
    13 02   16:     INTEGER
              :       46 34 6B C7 80 00 56 BC 11 D3 6E 2E C4 10 B3 B0
    31 30   13:     SEQUENCE {
    33 06    9:       OBJECT IDENTIFIER
              :         sha1withRSAEncryption (1 2 840 113549 1 1 5)
              :         (PKCS #1)
    44 05    0:       NULL
              :       }
    46 30   18:     SEQUENCE {
    48 31   16:       SET {
    50 30   14:         SEQUENCE {
    52 06    3:           OBJECT IDENTIFIER commonName (2 5 4 3)
              :             (X.520 id-at (2 5 4))
    57 13    7:           PrintableString 'CarlRSA'
              :           }
              :         }
              :       }
    66 30   30:     SEQUENCE {
    68 17   13:       UTCTime '990819070000Z'
    83 17   13:       UTCTime '391231235959Z'
              :       }
    98 30   19:     SEQUENCE {
   100 31   17:       SET {
   102 30   15:         SEQUENCE {
   104 06    3:           OBJECT IDENTIFIER commonName (2 5 4 3)
              :             (X.520 id-at (2 5 4))
   109 13    8:           PrintableString 'AliceRSA'
              :           }
              :         }
              :       }
   119 30  159:     SEQUENCE {
   122 30   13:       SEQUENCE {
   124 06    9:         OBJECT IDENTIFIER rsaEncryption (1 2 840 113549 1 1 1)
              :           (PKCS #1)
   135 05    0:         NULL
              :         }
   137 03  141:       BIT STRING 0 unused bits, encapsulates {
   141 30  137:           SEQUENCE {
   144 02  129:             INTEGER
              :               00 E0 89 73 39 8D D8 F5 F5 E8 87 76 39 7F 4E B0
              :               05 BB 53 83 DE 0F B7 AB DC 7D C7 75 29 0D 05 2E
              :               6D 12 DF A6 86 26 D4 D2 6F AA 58 29 FC 97 EC FA
              :               82 51 0F 30 80 BE B1 50 9E 46 44 F1 2C BB D8 32
              :               CF C6 68 6F 07 D9 B0 60 AC BE EE 34 09 6A 13 F5
              :               F7 05 05 93 DF 5E BA 35 56 D9 61 FF 19 7F C9 81
              :               E6 F8 6C EA 87 40 70 EF AC 6D 2C 74 9F 2D FA 55
              :               3A B9 99 77 02 A6 48 52 8C 4E F3 57 38 57 74 57
              :               5F
   276 02    3:             INTEGER 65537
              :             }
              :           }
              :       }
   281 A3   96:     [3] {
   283 30   94:       SEQUENCE {
   285 30   12:         SEQUENCE {
   287 06    3:           OBJECT IDENTIFIER basicConstraints (2 5 29 19)
              :             (X.509 id-ce (2 5 29))
   292 01    1:           BOOLEAN TRUE
   295 04    2:           OCTET STRING, encapsulates {
   297 30    0:               SEQUENCE {}
              :               }
              :           }
   299 30   14:         SEQUENCE {
   301 06    3:           OBJECT IDENTIFIER keyUsage (2 5 29 15)
              :             (X.509 id-ce (2 5 29))
   306 01    1:           BOOLEAN TRUE
   309 04    4:           OCTET STRING, encapsulates {
   311 03    2:               BIT STRING 6 unused bits
              :                 '11'B
              :               }
              :           }
   315 30   31:         SEQUENCE {
   317 06    3:           OBJECT IDENTIFIER authorityKeyIdentifier (2 5 29 35)
              :             (X.509 id-ce (2 5 29))
   322 04   24:           OCTET STRING, encapsulates {
   324 30   22:               SEQUENCE {
   326 80   20:                 [0]
              :                   E9 E0 90 27 AC 78 20 7A 9A D3 4C F2
42 37 4E 22
              :                   AE 9E 38 BB
              :                 }
              :               }
              :           }
   348 30   29:         SEQUENCE {
   350 06    3:           OBJECT IDENTIFIER subjectKeyIdentifier (2 5 29 14)
              :             (X.509 id-ce (2 5 29))
   355 04   22:           OCTET STRING
              :             04 14 77 D2 B4 D1 B7 4C 8A 8A A3 CE 45 9D CE EC
              :             3C A0 3A E3 FF 50
              :           }
              :         }
              :       }
              :     }
   379 30   13:   SEQUENCE {
   381 06    9:     OBJECT IDENTIFIER
              :       sha1withRSAEncryption (1 2 840 113549 1 1 5)
              :       (PKCS #1)
   392 05    0:     NULL
              :     }
   394 03  129:   BIT STRING 0 unused bits
              :     52 FF B3 8B 54 1E 08 BF F3 6D 0C 12 08 7D 8E CB
              :     6E 59 EC 56 93 A6 4A 22 40 5F 8B 14 79 7E 83 4F
              :     F5 3F DE 21 97 16 58 70 76 32 B2 20 51 A3 1A 1F
              :     97 48 80 5C 83 B0 B8 93 0B 03 44 AE BF BE A4 8C
              :     06 C6 45 E2 81 08 D5 89 58 0C 28 1B 2D A5 8B 1C
              :     4A E3 D7 44 34 D4 CB 53 FC BA A9 8B AA B6 E9 B0
              :     C3 AB 74 F1 2A F1 B0 C6 38 EA 87 02 1E 10 BB 99
              :     C4 BE 36 C0 08 BA 13 65 37 3E 36 F3 31 42 73 18
              :   }

BobDHEncryptByCarl =
     0 30  866: SEQUENCE {
     4 30  801:   SEQUENCE {
     8 A0    3:     [0] {
    10 02    1:       INTEGER 2
              :       }
    13 02    2:     INTEGER 201
    17 30    9:     SEQUENCE {
    19 06    7:       OBJECT IDENTIFIER dsaWithSha1 (1 2 840 10040 4 3)
              :         (ANSI X9.57 algorithm)
              :       }
    28 30   18:     SEQUENCE {
    30 31   16:       SET {
    32 30   14:         SEQUENCE {
    34 06    3:           OBJECT IDENTIFIER commonName (2 5 4 3)
              :             (X.520 id-at (2 5 4))
    39 13    7:           PrintableString 'CarlDSS'
              :           }
              :         }
              :       }
    48 30   30:     SEQUENCE {
    50 17   13:       UTCTime '990817011828Z'
    65 17   13:       UTCTime '391231235959Z'
              :       }
    80 30   16:     SEQUENCE {
    82 31   14:       SET {
    84 30   12:         SEQUENCE {
    86 06    3:           OBJECT IDENTIFIER commonName (2 5 4 3)
              :             (X.520 id-at (2 5 4))
    91 13    5:           PrintableString 'bobDH'
              :           }
              :         }
              :       }
    98 30  578:     SEQUENCE {
   102 30  439:       SEQUENCE {
   106 06    7:         OBJECT IDENTIFIER dhPublicNumber (1 2 840 10046 2 1)
              :           (ANSI X9.42 number-type)
   115 30  426:         SEQUENCE {
   119 02  129:           INTEGER
              :             00 EC 2C CD A4 EF 9A 26 2F 62 A7 BB 23 4D DF 2B
              :             25 C1 68 D2 9E A9 45 5B 36 F1 94 89 1A AF 7D 11
              :             24 9D 3D B9 3C 29 E8 D7 23 80 33 A6 9E 45 02 BB
              :             AA CC 9E 28 05 95 A0 B3 17 76 C1 F7 25 35 61 02
              :             41 92 27 0C 5E AE 48 E5 F3 6E 38 EF 91 D1 CF 37
              :             FE 9A 40 97 C8 2D 35 9E 9D 93 C6 F8 15 AF 3F DA
              :             74 3A B7 C4 93 B5 B9 BB 76 6C 1F A8 7E BC 3A AA
              :             43 0A 81 64 FC 63 F0 7B 71 98 FA C0 38 79 10 1A
              :             33
   251 02  129:           INTEGER
              :             00 BA 0B D7 74 3D E7 34 E5 4C 13 A7 95 96 BB F1
              :             E4 61 37 08 FB 12 C7 FB 9C 91 77 06 99 35 F0 48
              :             24 96 33 12 01 7E 8D EC 0B F6 B2 C0 63 A7 15 C5
              :             5E 95 86 A2 73 C5 49 46 37 79 60 FD 77 05 09 48
              :             9B 70 8D 3C 05 F6 CE 44 2C 7F 7D 1B 2B 15 DD F3
              :             05 2F BE 85 20 8F 8D F9 B4 A0 45 74 2B F4 3B 9D
              :             42 62 34 27 27 81 8E 6F 0F 5E 62 85 89 CC ED 21
              :             C3 91 70 06 54 EE 70 A8 92 55 5B 6E 19 22 4D 62
              :             A7
   383 02   33:           INTEGER
              :             00 C3 AB 4A 30 79 B3 D3 97 4E CA F5 A2 7D C7 70
              :             A3 45 F3 B3 A2 86 05 D2 3E 49 F9 9F D9 0A B3 BE
              :             BD
   418 02   97:           INTEGER
              :             01 34 FE C2 33 48 EB F6 3B 97 D9 E4 97 A7 60 A5
              :             25 69 34 FB FD 46 2A D6 C9 C4 C5 F7 D6 F4 04 19
              :             8D 94 D9 8A 37 68 69 67 55 FB F2 6B 0E 47 C5 5B
              :             0B 4B 0E 1C 1A 8B 7B 75 B7 AA C3 AA D7 EB 3B DA
              :             2A 8D 02 87 37 47 83 D7 31 B4 25 A8 AC BB 11 88
              :             53 1C 11 92 B6 69 E7 2E 90 C1 7A FC 87 F4 F6 D7
              :             1A
   517 30   26:           SEQUENCE {
   519 03   21:             BIT STRING 0 unused bits
              :               B9 FF 1C 93 44 67 37 D1 B2 F8 57 9A 32 4A C9 4A
              :               FF 3B EC 1E
   542 02    1:             INTEGER 29
              :             }
              :           }
              :         }
   545 03  132:       BIT STRING 0 unused bits, encapsulates {
   549 02  128:           INTEGER
              :             6F D4 F6 CD 94 9A 6E AF 5B 57 17 96 75 BB 0F B9
              :             48 E9 90 37 0D 15 20 C2 55 1E 13 E2 AE 71 17 84
              :             C3 0E 74 AE 8A 55 7F 28 7D 8B D7 28 22 9C 76 46
              :             D7 3B 4F 9D D1 4D 1B B2 DB 51 94 C5 6D 54 96 40
              :             38 8A 38 81 63 4A 8C C3 1E 09 89 74 A6 58 D5 C8
              :             5A 3D CF BB B8 23 7F 9C 1F 7D 78 FA 9E F9 90 9E
              :             91 E7 4B C2 A4 BE 45 06 78 42 58 3D 9F 63 2C EF
              :             84 D4 67 E5 FB C6 6D A2 36 29 67 90 46 DB 4E 48
              :           }
              :       }
   680 A3  127:     [3] {
   682 30  125:       SEQUENCE {
   684 30   29:         SEQUENCE {
   686 06    3:           OBJECT IDENTIFIER subjectAltName (2 5 29 17)
              :             (X.509 id-ce (2 5 29))
   691 04   22:           OCTET STRING, encapsulates {
   693 30   20:               SEQUENCE {
   695 81   18:                 [1] 'bobDh@examples.com'
              :                 }
              :               }
              :           }
   715 30   12:         SEQUENCE {
   717 06    3:           OBJECT IDENTIFIER basicConstraints (2 5 29 19)
              :             (X.509 id-ce (2 5 29))
   722 01    1:           BOOLEAN TRUE
   725 04    2:           OCTET STRING, encapsulates {
   727 30    0:               SEQUENCE {}
              :               }
              :           }
   729 30   14:         SEQUENCE {
   731 06    3:           OBJECT IDENTIFIER keyUsage (2 5 29 15)
              :             (X.509 id-ce (2 5 29))
   736 01    1:           BOOLEAN TRUE
   739 04    4:           OCTET STRING, encapsulates {
   741 03    2:               BIT STRING 3 unused bits
              :                 '10000'B
              :               }
              :           }
   745 30   31:         SEQUENCE {
   747 06    3:           OBJECT IDENTIFIER authorityKeyIdentifier (2 5 29 35)
              :             (X.509 id-ce (2 5 29))
   752 04   24:           OCTET STRING, encapsulates {
   754 30   22:               SEQUENCE {
   756 80   20:                 [0]
              :                   70 44 3E 82 2E 6F 87 DE 4A D3 75 E3
3D 20 BC 43
              :                   2B 93 F1 1F
              :                 }
              :               }
              :           }
   778 30   29:         SEQUENCE {
   780 06    3:           OBJECT IDENTIFIER subjectKeyIdentifier (2 5 29 14)
              :             (X.509 id-ce (2 5 29))
   785 04   22:           OCTET STRING
              :             04 14 26 FF 19 48 C3 59 33 68 56 8D 7E C8 80 68
              :             5C CF 3C 72 DD 26
              :           }
              :         }
              :       }
              :     }
   809 30    9:   SEQUENCE {
   811 06    7:     OBJECT IDENTIFIER dsaWithSha1 (1 2 840 10040 4 3)
              :       (ANSI X9.57 algorithm)
              :     }
   820 03   48:   BIT STRING 0 unused bits, encapsulates {
   823 30   45:       SEQUENCE {
   825 02   20:         INTEGER
              :           15 EA 15 43 E3 49 22 86 C1 BB E5 DA E4 0E B8 09
              :           E0 D5 72 35
   847 02   21:         INTEGER
              :           00 AE 4F 51 29 73 71 75 A9 81 EB ED 9D 5E 00 19
              :           7E F0 DE 5A D6
              :         }
              :       }
              :   }

BobRSASignByCarl =
    0 30  512: SEQUENCE {
    4 30  365:   SEQUENCE {
    8 A0    3:     [0] {
   10 02    1:       INTEGER 2
             :       }
   13 02   16:     INTEGER
             :       46 34 6B C7 80 00 56 BC 11 D3 6E 2E CD 5D 71 D0
   31 30    9:     SEQUENCE {
   33 06    5:       OBJECT IDENTIFIER sha-1WithRSAEncryption (1 3 14 3 2 29)
             :         (Oddball OIW OID)
   40 05    0:       NULL
             :       }
   42 30   18:     SEQUENCE {
   44 31   16:       SET {
   46 30   14:         SEQUENCE {
   48 06    3:           OBJECT IDENTIFIER commonName (2 5 4 3)
             :             (X.520 id-at (2 5 4))
   53 13    7:           PrintableString 'CarlRSA'
             :           }
             :         }
             :       }
   62 30   30:     SEQUENCE {
   64 17   13:       UTCTime '990919010902Z'
   79 17   13:       UTCTime '391231235959Z'
             :       }
   94 30   17:     SEQUENCE {
   96 31   15:       SET {
   98 30   13:         SEQUENCE {
  100 06    3:           OBJECT IDENTIFIER commonName (2 5 4 3)
             :             (X.520 id-at (2 5 4))
  105 13    6:           PrintableString 'BobRSA'
             :           }
             :         }
             :       }
  113 30  159:     SEQUENCE {
  116 30   13:       SEQUENCE {
  118 06    9:         OBJECT IDENTIFIER rsaEncryption (1 2 840 113549 1 1 1)
             :           (PKCS #1)
  129 05    0:         NULL
             :         }
  131 03  141:       BIT STRING 0 unused bits, encapsulates {
  135 30  137:           SEQUENCE {
  138 02  129:             INTEGER
             :               00 A9 E1 67 98 3F 39 D5 5F F2 A0 93 41 5E A6 79
             :               89 85 C8 35 5D 9A 91 5B FB 1D 01 DA 19 70 26 17
             :               0F BD A5 22 D0 35 85 6D 7A 98 66 14 41 5C CF B7
             :               B7 08 3B 09 C9 91 B8 19 69 37 6D F9 65 1E 7B D9
             :               A9 33 24 A3 7F 3B BB AF 46 01 86 36 34 32 CB 07
             :               03 59 52 FC 85 8B 31 04 B8 CC 18 08 14 48 E6 4F
             :               1C FB 5D 60 C4 E0 5C 1F 53 D3 7F 53 D8 69 01 F1
             :               05 F8 7A 70 D1 BE 83 C6 5F 38 CF 1C 2C AA 6A A7
             :               EB
  270 02    3:             INTEGER 65537
             :             }
             :           }
             :       }
  275 A3   96:     [3] {
  277 30   94:       SEQUENCE {
  279 30   12:         SEQUENCE {
  281 06    3:           OBJECT IDENTIFIER basicConstraints (2 5 29 19)
             :             (X.509 id-ce (2 5 29))
  286 01    1:           BOOLEAN TRUE
  289 04    2:           OCTET STRING, encapsulates {
  291 30    0:               SEQUENCE {}
             :               }
             :           }
  293 30   14:         SEQUENCE {
  295 06    3:           OBJECT IDENTIFIER keyUsage (2 5 29 15)
             :             (X.509 id-ce (2 5 29))
  300 01    1:           BOOLEAN TRUE
  303 04    4:           OCTET STRING, encapsulates {
  305 03    2:               BIT STRING 5 unused bits
             :                 '100'B (bit 2)
             :               }
             :           }
  309 30   31:         SEQUENCE {
  311 06    3:           OBJECT IDENTIFIER authorityKeyIdentifier (2 5 29 35)
             :             (X.509 id-ce (2 5 29))
  316 04   24:           OCTET STRING, encapsulates {
  318 30   22:               SEQUENCE {
  320 80   20:                 [0]
             :                   E9 E0 90 27 AC 78 20 7A 9A D3 4C F2 42 37 4E 22
             :                   AE 9E 38 BB
             :                 }
             :               }
             :           }
  342 30   29:         SEQUENCE {
  344 06    3:           OBJECT IDENTIFIER subjectKeyIdentifier (2 5 29 14)
             :             (X.509 id-ce (2 5 29))
  349 04   22:           OCTET STRING, encapsulates {
  351 04   20:               OCTET STRING
             :                 E8 F4 B8 67 D8 B3 96 A4 2A F3 11 AA 29 D3 95 5A
             :                 86 16 B4 24
             :               }
             :           }
             :         }
             :       }
             :     }
  373 30    9:   SEQUENCE {
  375 06    5:     OBJECT IDENTIFIER sha-1WithRSAEncryption (1 3 14 3 2 29)
             :       (Oddball OIW OID)
  382 05    0:     NULL
             :     }
  384 03  129:   BIT STRING 0 unused bits
             :     09 21 6A 3B 62 50 DF 62 41 5E 12 40 09 14 C3 B5
             :     E4 28 2E 50 77 FA 56 66 B3 A2 96 B6 0A 01 AE A6
             :     38 E5 BD 6B E7 F2 3E 6D B0 A5 EF CC 87 AC AB 25
             :     A4 BB DA E2 1A 81 B7 B9 15 B3 6C DA D1 13 D5 9F
             :     0F D5 4B 7A 8D 54 D8 5A DC 07 01 D1 05 41 0D 0A
             :     61 47 80 F1 75 0F F8 22 1B 50 92 33 FE 08 05 50
             :     6D 7B 03 00 03 F1 2D 4B FE 20 62 C7 20 77 05 42
             :     23 DB A8 C7 AD DE 71 1B D1 2A 99 82 A6 65 EB 7E
             :   }

CarlDSSSelf =
     0 30  667: SEQUENCE {
     4 30  602:   SEQUENCE {
     8 A0    3:     [0] {
    10 02    1:       INTEGER 2
              :       }
    13 02    1:     INTEGER 1
    16 30    9:     SEQUENCE {
    18 06    7:       OBJECT IDENTIFIER dsaWithSha1 (1 2 840 10040 4 3)
              :         (ANSI X9.57 algorithm)
              :       }
    27 30   18:     SEQUENCE {
    29 31   16:       SET {
    31 30   14:         SEQUENCE {
    33 06    3:           OBJECT IDENTIFIER commonName (2 5 4 3)
              :             (X.520 id-at (2 5 4))
    38 13    7:           PrintableString 'CarlDSS'
              :           }
              :         }
              :       }
    47 30   30:     SEQUENCE {
    49 17   13:       UTCTime '990816225050Z'
    64 17   13:       UTCTime '391231235959Z'
              :       }
    79 30   18:     SEQUENCE {
    81 31   16:       SET {
    83 30   14:         SEQUENCE {
    85 06    3:           OBJECT IDENTIFIER commonName (2 5 4 3)
              :             (X.520 id-at (2 5 4))
    90 13    7:           PrintableString 'CarlDSS'
              :           }
              :         }
              :       }
    99 30  439:     SEQUENCE {
   103 30  299:       SEQUENCE {
   107 06    7:         OBJECT IDENTIFIER dsa (1 2 840 10040 4 1)
              :           (ANSI X9.57 algorithm)
   116 30  286:         SEQUENCE {
   120 02  129:           INTEGER
              :             00 B6 49 18 3E 8A 44 C1 29 71 94 4C 01 C4 12 C1
              :             7A 79 CB 54 4D AB 1E 81 FB C6 4C B3 0E 94 09 06
              :             EB 01 D4 B1 C8 71 4B C7 45 C0 50 25 5D 9C FC DA
              :             E4 6D D3 E2 86 48 84 82 7D BA 15 95 4A 16 F6 46
              :             ED DD F6 98 D2 BB 7E 8A 0A 8A BA 16 7B B9 50 01
              :             48 93 8B EB 25 15 51 97 55 DC 8F 53 0E 10 A9 50
              :             FC 70 B7 CD 30 54 FD DA DE A8 AA 22 B5 A1 AF 8B
              :             CC 02 88 E7 8B 70 5F B9 AD E1 08 D4 6D 29 2D D6
              :             E9
   252 02   21:           INTEGER
              :             00 DD C1 2F DF 53 CE 0B 34 60 77 3E 02 A4 BF 8A
              :             5D 98 B9 10 D5
   275 02  128:           INTEGER
              :             0C EE 57 9B 4B BD DA B6 07 6A 74 37 4F 55 7F 9D
              :             ED BC 61 0D EB 46 59 3C 56 0B 2B 5B 0C 91 CE A5
              :             62 52 69 CA E1 6D 3E BD BF FE E1 B7 B9 2B 61 3C
              :             AD CB AE 45 E3 06 AC 8C 22 9D 9C 44 87 0B C7 CD
              :             F0 1C D9 B5 4E 5D 73 DE AF 0E C9 1D 5A 51 F5 4F
              :             44 79 35 5A 73 AA 7F 46 51 1F A9 42 16 9C 48 EB
              :             8A 79 61 B4 D5 2F 53 22 44 63 1F 86 B8 A3 58 06
              :             25 F8 29 C0 EF BA E0 75 F0 42 C4 63 65 52 9B 0A
              :           }
              :         }
   406 03  133:       BIT STRING 0 unused bits, encapsulates {
   410 02  129:           INTEGER
              :             00 99 87 74 27 03 66 A0 B1 C0 AD DC 2C 75 BB E1
              :             6C 44 9C DA 21 6D 4D 47 6D B1 62 09 E9 D8 AE 1E
              :             F2 3A B4 94 B1 A3 8E 7A 9B 71 4E 00 94 C9 B4 25
              :             4E B9 60 96 19 24 01 F3 62 0C FE 75 C0 FB CE D8
              :             68 00 E3 FD D5 70 4F DF 23 96 19 06 94 F4 B1 61
              :             8F 3A 57 B1 08 11 A4 0B 26 25 F0 52 76 81 EA 0B
              :             62 0D 95 2A E6 86 BA 72 B2 A7 50 83 0B AA 27 CD
              :             1B A9 4D 89 9A D7 8D 18 39 84 3F 8B C5 56 4D 80
              :             7A
              :           }
              :       }
   542 A3   66:     [3] {
   544 30   64:       SEQUENCE {
   546 30   15:         SEQUENCE {
   548 06    3:           OBJECT IDENTIFIER basicConstraints (2 5 29 19)
              :             (X.509 id-ce (2 5 29))
   553 01    1:           BOOLEAN TRUE
   556 04    5:           OCTET STRING, encapsulates {
   558 30    3:               SEQUENCE {
   560 01    1:                 BOOLEAN TRUE
              :                 }
              :               }
              :           }
   563 30   14:         SEQUENCE {
   565 06    3:           OBJECT IDENTIFIER keyUsage (2 5 29 15)
              :             (X.509 id-ce (2 5 29))
   570 01    1:           BOOLEAN TRUE
   573 04    4:           OCTET STRING, encapsulates {
   575 03    2:               BIT STRING 1 unused bits
              :                 '1100001'B
              :               }
              :           }
   579 30   29:         SEQUENCE {
   581 06    3:           OBJECT IDENTIFIER subjectKeyIdentifier (2 5 29 14)
              :             (X.509 id-ce (2 5 29))
   586 04   22:           OCTET STRING
              :             04 14 70 44 3E 82 2E 6F 87 DE 4A D3 75 E3 3D 20
              :             BC 43 2B 93 F1 1F
              :           }
              :         }
              :       }
              :     }
   610 30    9:   SEQUENCE {
   612 06    7:     OBJECT IDENTIFIER dsaWithSha1 (1 2 840 10040 4 3)
              :       (ANSI X9.57 algorithm)
              :     }
   621 03   48:   BIT STRING 0 unused bits, encapsulates {
   624 30   45:       SEQUENCE {
   626 02   20:         INTEGER
              :           6B A9 F0 4E 7A 5A 79 E3 F9 BE 3D 2B C9 06 37 E9
              :           11 17 A1 13
   648 02   21:         INTEGER
              :           00 8F 34 69 2A 8B B1 3C 03 79 94 32 4D 12 1F CE
              :           89 FB 46 B2 3B
              :         }
              :       }
              :   }

CarlRSASelf =
     0 30  491: SEQUENCE {
     4 30  340:   SEQUENCE {
     8 A0    3:     [0] {
    10 02    1:       INTEGER 2
              :       }
    13 02   16:     INTEGER
              :       46 34 6B C7 80 00 56 BC 11 D3 6E 2E 9F F2 50 20
    31 30   13:     SEQUENCE {
    33 06    9:       OBJECT IDENTIFIER
              :         sha1withRSAEncryption (1 2 840 113549 1 1 5)
              :         (PKCS #1)
    44 05    0:       NULL
              :       }
    46 30   18:     SEQUENCE {
    48 31   16:       SET {
    50 30   14:         SEQUENCE {
    52 06    3:           OBJECT IDENTIFIER commonName (2 5 4 3)
              :             (X.520 id-at (2 5 4))
    57 13    7:           PrintableString 'CarlRSA'
              :           }
              :         }
              :       }
    66 30   30:     SEQUENCE {
    68 17   13:       UTCTime '990818070000Z'
    83 17   13:       UTCTime '391231235959Z'
              :       }
    98 30   18:     SEQUENCE {
   100 31   16:       SET {
   102 30   14:         SEQUENCE {
   104 06    3:           OBJECT IDENTIFIER commonName (2 5 4 3)
              :             (X.520 id-at (2 5 4))
   109 13    7:           PrintableString 'CarlRSA'
              :           }
              :         }
              :       }
   118 30  159:     SEQUENCE {
   121 30   13:       SEQUENCE {
   123 06    9:         OBJECT IDENTIFIER rsaEncryption (1 2 840 113549 1 1 1)
              :           (PKCS #1)
   134 05    0:         NULL
              :         }
   136 03  141:       BIT STRING 0 unused bits, encapsulates {
   140 30  137:           SEQUENCE {
   143 02  129:             INTEGER
              :               00 E4 4B FF 18 B8 24 57 F4 77 FF 6E 73 7B 93 71
              :               5C BC 33 1A 92 92 72 23 D8 41 46 D0 CD 11 3A 04
              :               B3 8E AF 82 9D BD 51 1E 17 7A F2 76 2C 2B 86 39
              :               A7 BD D7 8D 1A 53 EC E4 00 D5 E8 EC A2 36 B1 ED
              :               E2 50 E2 32 09 8A 3F 9F 99 25 8F B8 4E AB B9 7D
              :               D5 96 65 DA 16 A0 C5 BE 0E AE 44 5B EF 5E F4 A7
              :               29 CB 82 DD AC 44 E9 AA 93 94 29 0E F8 18 D6 C8
              :               57 5E F2 76 C4 F2 11 60 38 B9 1B 3C 1D 97 C9 6A
              :               F1
   275 02    3:             INTEGER 65537
              :             }
              :           }
              :       }
   280 A3   66:     [3] {
   282 30   64:       SEQUENCE {
   284 30   15:         SEQUENCE {
   286 06    3:           OBJECT IDENTIFIER basicConstraints (2 5 29 19)
              :             (X.509 id-ce (2 5 29))
   291 01    1:           BOOLEAN TRUE
   294 04    5:           OCTET STRING, encapsulates {
   296 30    3:               SEQUENCE {
   298 01    1:                 BOOLEAN TRUE
              :                 }
              :               }
              :           }
   301 30   14:         SEQUENCE {
   303 06    3:           OBJECT IDENTIFIER keyUsage (2 5 29 15)
              :             (X.509 id-ce (2 5 29))
   308 01    1:           BOOLEAN TRUE
   311 04    4:           OCTET STRING, encapsulates {
   313 03    2:               BIT STRING 1 unused bits
              :                 '1100001'B
              :               }
              :           }
   317 30   29:         SEQUENCE {
   319 06    3:           OBJECT IDENTIFIER subjectKeyIdentifier (2 5 29 14)
              :             (X.509 id-ce (2 5 29))
   324 04   22:           OCTET STRING
              :             04 14 E9 E0 90 27 AC 78 20 7A 9A D3 4C F2 42 37
              :             4E 22 AE 9E 38 BB
              :           }
              :         }
              :       }
              :     }
   348 30   13:   SEQUENCE {
   350 06    9:     OBJECT IDENTIFIER
              :       sha1withRSAEncryption (1 2 840 113549 1 1 5)
              :       (PKCS #1)
   361 05    0:     NULL
              :     }
   363 03  129:   BIT STRING 0 unused bits
              :     B7 9E D4 04 D3 ED 29 E4 FF 89 89 15 2E 4C DB 0C
              :     F0 48 0F 32 61 EE C4 04 EC 12 5D 2D FF 0F 64 59
              :     7E 0A C3 ED 18 FD E3 56 40 37 A7 07 B5 F0 38 12
              :     61 50 ED EF DD 3F E3 0B B8 61 A5 A4 9B 3C E6 9E
              :     9C 54 9A B6 95 D6 DA 6C 3B B5 2D 45 35 9D 49 01
              :     76 FA B9 B9 31 F9 F9 6B 12 53 A0 F5 14 60 9B 7D
              :     CA 3E F2 53 6B B0 37 6F AD E6 74 D7 DB FA 5A EA
              :     14 41 63 5D CD BE C8 0E C1 DA 6A 8D 53 34 18 02
              :   }

DianeDHEncryptByCarl =
     0 30  869: SEQUENCE {
     4 30  805:   SEQUENCE {
     8 A0    3:     [0] {
    10 02    1:       INTEGER 2
              :       }
    13 02    2:     INTEGER 211
    17 30    9:     SEQUENCE {
    19 06    7:       OBJECT IDENTIFIER dsaWithSha1 (1 2 840 10040 4 3)
              :         (ANSI X9.57 algorithm)
              :       }
    28 30   18:     SEQUENCE {
    30 31   16:       SET {
    32 30   14:         SEQUENCE {
    34 06    3:           OBJECT IDENTIFIER commonName (2 5 4 3)
              :             (X.520 id-at (2 5 4))
    39 13    7:           PrintableString 'CarlDSS'
              :           }
              :         }
              :       }
    48 30   30:     SEQUENCE {
    50 17   13:       UTCTime '990817021657Z'
    65 17   13:       UTCTime '391231235959Z'
              :       }
    80 30   18:     SEQUENCE {
    82 31   16:       SET {
    84 30   14:         SEQUENCE {
    86 06    3:           OBJECT IDENTIFIER commonName (2 5 4 3)
              :             (X.520 id-at (2 5 4))
    91 13    7:           PrintableString 'DianeDH'
              :           }
              :         }
              :       }
   100 30  577:     SEQUENCE {
   104 30  438:       SEQUENCE {
   108 06    7:         OBJECT IDENTIFIER dhPublicNumber (1 2 840 10046 2 1)
              :           (ANSI X9.42 number-type)
   117 30  425:         SEQUENCE {
   121 02  129:           INTEGER
              :             00 CA 6E 91 C2 B0 BD A8 58 F2 31 21 74 BB 1F E4
              :             10 BD D0 93 A2 7E 61 E1 3D BA 23 04 16 D0 66 39
              :             BD 3B CD 05 74 48 F1 03 70 95 F4 05 63 6D 2E BF
              :             9A B7 FF 97 FF 39 BB 63 DB 4D A4 71 D8 94 9A B4
              :             F2 8A 3D 9F B7 5D 8D CA E2 AF B5 0F CF 05 65 82
              :             68 6E 43 D2 F4 04 5F 03 8B F9 50 F5 C8 6C 05 26
              :             BC BF 36 0F 5C C3 51 6A 67 E8 75 32 66 78 91 63
              :             E8 FE 34 E7 19 B6 70 6C 78 38 36 82 D2 34 36 C2
              :             DF
   253 02  128:           INTEGER
              :             6E D6 76 36 4B E4 59 07 57 5F 18 9A 10 D2 31 5C
              :             A6 10 B0 26 96 42 4D 7C A3 A1 D3 9E A5 80 B2 1F
              :             37 11 49 7C 8A 99 D8 56 3F 93 51 ED 6E 54 FB 6E
              :             DB B2 FC 34 C0 E7 CA 1E 58 2B D5 3D 3B DC AE 71
              :             21 D9 3B 56 B8 A7 F6 4D 22 52 5F 41 BA D5 1E 82
              :             69 6C DD 70 71 CC 6C 3B EF 84 A9 71 8B A9 3B 2A
              :             09 F8 BD FD CB 51 BC 2E 2E CA 3E 30 8C FA 54 9E
              :             7D 0D 03 E2 DF 63 62 6D F3 50 82 27 DC D1 99 F7
   384 02   33:           INTEGER
              :             00 AA 05 65 FB DD 4E A8 02 F1 34 39 E7 A3 FC 7D
              :             46 10 B8 5D F0 2E F2 C5 D1 5E A2 74 4C DA 0F 4E
              :             1F
   419 02   97:           INTEGER
              :             01 30 CD 03 82 CD 3F 32 3A 5F 16 5E F2 13 5F 52
              :             1B DF FF AA 3B 06 3C 7F 81 26 1C B7 0C A0 14 09
              :             1B 5D 26 FD 71 33 8C F2 AC 41 7E 0D AC 35 95 90
              :             7E A5 AD AB 55 50 80 F0 D2 B9 2A 11 4D 76 45 76
              :             3F 0C 38 AE 72 59 C6 EC BD EF E7 6E 60 23 93 B9
              :             27 02 44 7E 4A D3 DA 39 3A 9A 63 43 3C 1B 23 C5
              :             62
   518 30   26:           SEQUENCE {
   520 03   21:             BIT STRING 0 unused bits
              :               D0 FD D6 E0 46 97 D1 A7 7F BB FF 9A 43 F0 62 64
              :               B3 7C 97 AB
   543 02    1:             INTEGER 122
              :             }
              :           }
              :         }
   546 03  132:       BIT STRING 0 unused bits, encapsulates {
   550 02  128:           INTEGER
              :             60 5E 6E EF 61 55 77 3F 9D 6A 11 10 F4 D3 C9 B8
              :             72 A0 1F 89 DF E4 BC 21 FD E4 9F 50 D6 8F 8E F9
              :             67 97 14 E0 34 19 8F 3D 58 52 1E DC 5D 05 4E 4F
              :             C6 88 85 78 AC 01 6C 35 CE 86 6D 90 4B 58 48 2E
              :             0F B2 E3 2A 4E 47 C3 B1 4D 2A 7A C9 B7 E5 C6 68
              :             8A 73 AE 53 21 B3 CF 09 C4 62 A3 E8 B0 BB DC DE
              :             0D 2E 66 48 37 A8 DB A2 4B FB DB FA A6 92 4B 41
              :             0A C6 54 0B 8B 1A 9D 2F FF 60 0B 0B 08 D9 42 3F
              :           }
              :       }
   681 A3  129:     [3] {
   684 30  127:       SEQUENCE {
   686 30   31:         SEQUENCE {
   688 06    3:           OBJECT IDENTIFIER subjectAltName (2 5 29 17)
              :             (X.509 id-ce (2 5 29))
   693 04   24:           OCTET STRING, encapsulates {
   695 30   22:               SEQUENCE {
   697 81   20:                 [1] 'dianeDh@examples.com'
              :                 }
              :               }
              :           }
   719 30   12:         SEQUENCE {
   721 06    3:           OBJECT IDENTIFIER basicConstraints (2 5 29 19)
              :             (X.509 id-ce (2 5 29))
   726 01    1:           BOOLEAN TRUE
   729 04    2:           OCTET STRING, encapsulates {
   731 30    0:               SEQUENCE {}
              :               }
              :           }
   733 30   14:         SEQUENCE {
   735 06    3:           OBJECT IDENTIFIER keyUsage (2 5 29 15)
              :             (X.509 id-ce (2 5 29))
   740 01    1:           BOOLEAN TRUE
   743 04    4:           OCTET STRING, encapsulates {
   745 03    2:               BIT STRING 3 unused bits
              :                 '10000'B
              :               }
              :           }
   749 30   31:         SEQUENCE {
   751 06    3:           OBJECT IDENTIFIER authorityKeyIdentifier (2 5 29 35)
              :             (X.509 id-ce (2 5 29))
   756 04   24:           OCTET STRING, encapsulates {
   758 30   22:               SEQUENCE {
   760 80   20:                 [0]
              :                   70 44 3E 82 2E 6F 87 DE 4A D3 75 E3
3D 20 BC 43
              :                   2B 93 F1 1F
              :                 }
              :               }
              :           }
   782 30   29:         SEQUENCE {
   784 06    3:           OBJECT IDENTIFIER subjectKeyIdentifier (2 5 29 14)
              :             (X.509 id-ce (2 5 29))
   789 04   22:           OCTET STRING
              :             04 14 47 F3 4F CD 75 7D A8 52 21 A8 61 36 57 B5
              :             F8 9A EE DB 30 46
              :           }
              :         }
              :       }
              :     }
   813 30    9:   SEQUENCE {
   815 06    7:     OBJECT IDENTIFIER dsaWithSha1 (1 2 840 10040 4 3)
              :       (ANSI X9.57 algorithm)
              :     }
   824 03   47:   BIT STRING 0 unused bits, encapsulates {
   827 30   44:       SEQUENCE {
   829 02   20:         INTEGER
              :           7D 64 1E 1F 4B F3 EC 6F 34 2C B2 E4 64 70 8F 3E
              :           6A C0 72 A2
   851 02   20:         INTEGER
              :           4B EA C1 0C F1 CD F7 7A 9D 76 CA 27 6E D0 BE F2
              :           D8 9B 6A 6D
              :         }
              :       }
              :   }

DianeDSSSignByCarlInherit =
     0 30  442: SEQUENCE {
     4 30  377:   SEQUENCE {
     8 A0    3:     [0] {
    10 02    1:       INTEGER 2
              :       }
    13 02    2:     INTEGER 210
    17 30    9:     SEQUENCE {
    19 06    7:       OBJECT IDENTIFIER dsaWithSha1 (1 2 840 10040 4 3)
              :         (ANSI X9.57 algorithm)
              :       }
    28 30   18:     SEQUENCE {
    30 31   16:       SET {
    32 30   14:         SEQUENCE {
    34 06    3:           OBJECT IDENTIFIER commonName (2 5 4 3)
              :             (X.520 id-at (2 5 4))
    39 13    7:           PrintableString 'CarlDSS'
              :           }
              :         }
              :       }
    48 30   30:     SEQUENCE {
    50 17   13:       UTCTime '990817020810Z'
    65 17   13:       UTCTime '391231235959Z'
              :       }
    80 30   19:     SEQUENCE {
    82 31   17:       SET {
    84 30   15:         SEQUENCE {
    86 06    3:           OBJECT IDENTIFIER commonName (2 5 4 3)
              :             (X.520 id-at (2 5 4))
    91 13    8:           PrintableString 'DianeDSS'
              :           }
              :         }
              :       }
   101 30  147:     SEQUENCE {
   104 30    9:       SEQUENCE {
   106 06    7:         OBJECT IDENTIFIER dsa (1 2 840 10040 4 1)
              :           (ANSI X9.57 algorithm)
              :         }
   115 03  133:       BIT STRING 0 unused bits, encapsulates {
   119 02  129:           INTEGER
              :             00 A0 00 17 78 2C EE 7E 81 53 2E 2E 61 08 0F A1
              :             9B 51 52 1A DA 59 A8 73 2F 12 25 B6 08 CB CA EF
              :             2A 44 76 8A 52 09 EA BD 05 22 D5 0F F6 FD 46 D7
              :             AF 99 38 09 0E 13 CB 4F 2C DD 1C 34 F7 1C BF 25
              :             FF 23 D3 3B 59 E7 82 97 37 BE 31 24 D8 18 C8 F3
              :             49 39 5B B7 E2 E5 27 7E FC 8C 45 72 5B 7E 3E 8F
              :             68 4D DD 46 7A 22 BE 8E FF CC DA 39 29 A3 39 E5
              :             9F 43 E9 55 C9 D7 5B A6 81 67 CC C0 AA CD 2E C5
              :             23
              :           }
              :       }
   251 A3  131:     [3] {
   254 30  128:       SEQUENCE {
   257 30   32:         SEQUENCE {
   259 06    3:           OBJECT IDENTIFIER subjectAltName (2 5 29 17)
              :             (X.509 id-ce (2 5 29))
   264 04   25:           OCTET STRING, encapsulates {
   266 30   23:               SEQUENCE {
   268 81   21:                 [1] 'dianeDss@examples.com'
              :                 }
              :               }
              :           }
   291 30   12:         SEQUENCE {
   293 06    3:           OBJECT IDENTIFIER basicConstraints (2 5 29 19)
              :             (X.509 id-ce (2 5 29))
   298 01    1:           BOOLEAN TRUE
   301 04    2:           OCTET STRING, encapsulates {
   303 30    0:               SEQUENCE {}
              :               }
              :           }
   305 30   14:         SEQUENCE {
   307 06    3:           OBJECT IDENTIFIER keyUsage (2 5 29 15)
              :             (X.509 id-ce (2 5 29))
   312 01    1:           BOOLEAN TRUE
   315 04    4:           OCTET STRING, encapsulates {
   317 03    2:               BIT STRING 6 unused bits
              :                 '11'B
              :               }
              :           }
   321 30   31:         SEQUENCE {
   323 06    3:           OBJECT IDENTIFIER authorityKeyIdentifier (2 5 29 35)
              :             (X.509 id-ce (2 5 29))
   328 04   24:           OCTET STRING, encapsulates {
   330 30   22:               SEQUENCE {
   332 80   20:                 [0]
              :                   70 44 3E 82 2E 6F 87 DE 4A D3 75 E3
3D 20 BC 43
              :                   2B 93 F1 1F
              :                 }
              :               }
              :           }
   354 30   29:         SEQUENCE {
   356 06    3:           OBJECT IDENTIFIER subjectKeyIdentifier (2 5 29 14)
              :             (X.509 id-ce (2 5 29))
   361 04   22:           OCTET STRING
              :             04 14 64 30 99 7D 5C DC 45 0B 99 3A 52 2F 16 BF
              :             58 50 DD CE 2B 18
              :           }
              :         }
              :       }
              :     }
   385 30    9:   SEQUENCE {
   387 06    7:     OBJECT IDENTIFIER dsaWithSha1 (1 2 840 10040 4 3)
              :       (ANSI X9.57 algorithm)
              :     }
   396 03   48:   BIT STRING 0 unused bits, encapsulates {
   399 30   45:       SEQUENCE {
   401 02   20:         INTEGER
              :           7E 0C 0C 81 17 B4 9A 54 B2 C3 30 EB 8A C4 3C C2
              :           52 36 9E 95
   423 02   21:         INTEGER
              :           00 C6 9F 17 C2 71 4B AC 2E 39 8D 3D 10 1F 9A B3
              :           4D B6 F9 11 A3
              :         }
              :       }
              :   }

DianeRSASignEncryptByCarl =
     0 30  522: SEQUENCE {
     4 30  371:   SEQUENCE {
     8 A0    3:     [0] {
    10 02    1:       INTEGER 2
              :       }
    13 02   16:     INTEGER
              :       46 34 6B C7 80 00 56 BC 11 D3 6E 2E D5 9A 30 90
    31 30   13:     SEQUENCE {
    33 06    9:       OBJECT IDENTIFIER
              :         sha1withRSAEncryption (1 2 840 113549 1 1 5)
              :         (PKCS #1)
    44 05    0:       NULL
              :       }
    46 30   18:     SEQUENCE {
    48 31   16:       SET {
    50 30   14:         SEQUENCE {
    52 06    3:           OBJECT IDENTIFIER commonName (2 5 4 3)
              :             (X.520 id-at (2 5 4))
    57 13    7:           PrintableString 'CarlRSA'
              :           }
              :         }
              :       }
    66 30   30:     SEQUENCE {
    68 17   13:       UTCTime '990819070000Z'
    83 17   13:       UTCTime '391231235959Z'
              :       }
    98 30   19:     SEQUENCE {
   100 31   17:       SET {
   102 30   15:         SEQUENCE {
   104 06    3:           OBJECT IDENTIFIER commonName (2 5 4 3)
              :             (X.520 id-at (2 5 4))
   109 13    8:           PrintableString 'DianeRSA'
              :           }
              :         }
              :       }
   119 30  159:     SEQUENCE {
   122 30   13:       SEQUENCE {
   124 06    9:         OBJECT IDENTIFIER rsaEncryption (1 2 840 113549 1 1 1)
              :           (PKCS #1)
   135 05    0:         NULL
              :         }
   137 03  141:       BIT STRING 0 unused bits, encapsulates {
   141 30  137:           SEQUENCE {
   144 02  129:             INTEGER
              :               00 D6 FD B8 C0 70 C6 4C 25 EC EA CF EA 7C BB A2
              :               62 FA F0 E6 32 3A 53 FF B1 92 5A 17 F4 20 E1 99
              :               24 82 0A D0 F6 7C FB 44 CA 8B 27 06 F1 7E 26 03
              :               A9 76 9D CF EC A0 2C 70 96 F2 83 42 F6 D4 B7 28
              :               0A BB F8 BF 4A 4C 19 3F 07 DB A0 C1 60 1E B7 7E
              :               67 F7 DE B1 C3 60 49 AC 45 D7 F8 C6 EF 08 37 21
              :               93 47 EE F0 73 35 72 B0 02 C4 F3 11 C3 5E 47 E5
              :               0A B7 83 F1 DB 74 69 64 8B 44 1D 95 5D CD 28 C0
              :               85
   276 02    3:             INTEGER 65537
              :             }
              :           }
              :       }
   281 A3   96:     [3] {
   283 30   94:       SEQUENCE {
   285 30   12:         SEQUENCE {
   287 06    3:           OBJECT IDENTIFIER basicConstraints (2 5 29 19)
              :             (X.509 id-ce (2 5 29))
   292 01    1:           BOOLEAN TRUE
   295 04    2:           OCTET STRING, encapsulates {
   297 30    0:               SEQUENCE {}
              :               }
              :           }
   299 30   14:         SEQUENCE {
   301 06    3:           OBJECT IDENTIFIER keyUsage (2 5 29 15)
              :             (X.509 id-ce (2 5 29))
   306 01    1:           BOOLEAN TRUE
   309 04    4:           OCTET STRING, encapsulates {
   311 03    2:               BIT STRING 5 unused bits
              :                 '111'B
              :               }
              :           }
   315 30   31:         SEQUENCE {
   317 06    3:           OBJECT IDENTIFIER authorityKeyIdentifier (2 5 29 35)
              :             (X.509 id-ce (2 5 29))
   322 04   24:           OCTET STRING, encapsulates {
   324 30   22:               SEQUENCE {
   326 80   20:                 [0]
              :                   E9 E0 90 27 AC 78 20 7A 9A D3 4C F2
42 37 4E 22
              :                   AE 9E 38 BB
              :                 }
              :               }
              :           }
   348 30   29:         SEQUENCE {
   350 06    3:           OBJECT IDENTIFIER subjectKeyIdentifier (2 5 29 14)
              :             (X.509 id-ce (2 5 29))
   355 04   22:           OCTET STRING
              :             04 14 8C F3 CB 75 0E 8D 31 F6 D4 29 DA 44 92 75
              :             B8 FE ED 4F 39 0C
              :           }
              :         }
              :       }
              :     }
   379 30   13:   SEQUENCE {
   381 06    9:     OBJECT IDENTIFIER
              :       sha1withRSAEncryption (1 2 840 113549 1 1 5)
              :       (PKCS #1)
   392 05    0:     NULL
              :     }
   394 03  129:   BIT STRING 0 unused bits
              :     1D B3 51 B1 99 96 F0 44 A8 EB 14 EA FC C2 DF B8
              :     33 4B 02 3C 41 DF E3 53 7F EA 34 7F FC D5 11 0D
              :     00 04 88 B8 ED BC 23 45 03 6E F1 53 B2 C0 3B 19
              :     62 DC DC E1 8A FE A7 FC A5 D7 97 DB 25 7C F3 30
              :     C5 63 A7 38 4A AB 25 21 24 80 C7 D8 78 82 8C 53
              :     EA 3E 2F 63 10 66 D3 27 55 9A DC EF 35 5E F6 23
              :     71 E6 FF 78 7B A9 4F 7B 7F 2E B9 C4 42 73 57 4F
              :     AA F8 04 B4 0D C7 53 88 C4 F0 92 28 33 44 50 A1
              :   }

EricaDHEncryptByCarl =
     0 30  745: SEQUENCE {
     4 30  680:   SEQUENCE {
     8 A0    3:     [0] {
    10 02    1:       INTEGER 2
              :       }
    13 02    2:     INTEGER 212
    17 30    9:     SEQUENCE {
    19 06    7:       OBJECT IDENTIFIER dsaWithSha1 (1 2 840 10040 4 3)
              :         (ANSI X9.57 algorithm)
              :       }
    28 30   18:     SEQUENCE {
    30 31   16:       SET {
    32 30   14:         SEQUENCE {
    34 06    3:           OBJECT IDENTIFIER commonName (2 5 4 3)
              :             (X.520 id-at (2 5 4))
    39 13    7:           PrintableString 'CarlDSS'
              :           }
              :         }
              :       }
    48 30   30:     SEQUENCE {
    50 17   13:       UTCTime '990817021716Z'
    65 17   13:       UTCTime '391231235959Z'
              :       }
    80 30   18:     SEQUENCE {
    82 31   16:       SET {
    84 30   14:         SEQUENCE {
    86 06    3:           OBJECT IDENTIFIER commonName (2 5 4 3)
              :             (X.520 id-at (2 5 4))
    91 13    7:           PrintableString 'EricaDH'
              :           }
              :         }
              :       }
   100 30  452:     SEQUENCE {
   104 30  312:       SEQUENCE {
   108 06    7:         OBJECT IDENTIFIER dhPublicNumber (1 2 840 10046 2 1)
              :           (ANSI X9.42 number-type)
   117 30  299:         SEQUENCE {
   121 02  129:           INTEGER
              :             00 EC 2C CD A4 EF 9A 26 2F 62 A7 BB 23 4D DF 2B
              :             25 C1 68 D2 9E A9 45 5B 36 F1 94 89 1A AF 7D 11
              :             24 9D 3D B9 3C 29 E8 D7 23 80 33 A6 9E 45 02 BB
              :             AA CC 9E 28 05 95 A0 B3 17 76 C1 F7 25 35 61 02
              :             41 92 27 0C 5E AE 48 E5 F3 6E 38 EF 91 D1 CF 37
              :             FE 9A 40 97 C8 2D 35 9E 9D 93 C6 F8 15 AF 3F DA
              :             74 3A B7 C4 93 B5 B9 BB 76 6C 1F A8 7E BC 3A AA
              :             43 0A 81 64 FC 63 F0 7B 71 98 FA C0 38 79 10 1A
              :             33
   253 02  129:           INTEGER
              :             00 BA 0B D7 74 3D E7 34 E5 4C 13 A7 95 96 BB F1
              :             E4 61 37 08 FB 12 C7 FB 9C 91 77 06 99 35 F0 48
              :             24 96 33 12 01 7E 8D EC 0B F6 B2 C0 63 A7 15 C5
              :             5E 95 86 A2 73 C5 49 46 37 79 60 FD 77 05 09 48
              :             9B 70 8D 3C 05 F6 CE 44 2C 7F 7D 1B 2B 15 DD F3
              :             05 2F BE 85 20 8F 8D F9 B4 A0 45 74 2B F4 3B 9D
              :             42 62 34 27 27 81 8E 6F 0F 5E 62 85 89 CC ED 21
              :             C3 91 70 06 54 EE 70 A8 92 55 5B 6E 19 22 4D 62
              :             A7
   385 02   33:           INTEGER
              :             00 C3 AB 4A 30 79 B3 D3 97 4E CA F5 A2 7D C7 70
              :             A3 45 F3 B3 A2 86 05 D2 3E 49 F9 9F D9 0A B3 BE
              :             BD
              :           }
              :         }
   420 03  133:       BIT STRING 0 unused bits, encapsulates {
   424 02  129:           INTEGER
              :             00 D1 2B E4 1D 3E BA 18 CF 75 20 C6 C7 5E C3 C4
              :             6C EA F3 23 D9 09 1F 46 98 F4 CE 59 B9 B6 CE E8
              :             3A C6 18 F8 59 77 1B 99 B0 DA DC C0 9D 09 E4 AF
              :             F9 61 91 2C 47 CC 47 5E DF 2B 33 76 F3 67 EC 77
              :             E8 2C 37 30 A1 89 5D F3 C8 F6 5C 16 4A E4 B7 8C
              :             F5 7B D5 38 FD 14 AC E8 7A C2 7D EE 07 90 27 0A
              :             7C 87 A8 A2 E2 70 35 EA 6E DE 9E 50 31 6B E9 09
              :             DA 25 1A 01 8E E3 FF 26 1C 75 F5 C3 CE 5A F5 9E
              :             85
              :           }
              :       }
   556 A3  129:     [3] {
   559 30  127:       SEQUENCE {
   561 30   31:         SEQUENCE {
   563 06    3:           OBJECT IDENTIFIER subjectAltName (2 5 29 17)
              :             (X.509 id-ce (2 5 29))
   568 04   24:           OCTET STRING, encapsulates {
   570 30   22:               SEQUENCE {
   572 81   20:                 [1] 'ericaDh@examples.com'
              :                 }
              :               }
              :           }
   594 30   12:         SEQUENCE {
   596 06    3:           OBJECT IDENTIFIER basicConstraints (2 5 29 19)
              :             (X.509 id-ce (2 5 29))
   601 01    1:           BOOLEAN TRUE
   604 04    2:           OCTET STRING, encapsulates {
   606 30    0:               SEQUENCE {}
              :               }
              :           }
   608 30   14:         SEQUENCE {
   610 06    3:           OBJECT IDENTIFIER keyUsage (2 5 29 15)
              :             (X.509 id-ce (2 5 29))
   615 01    1:           BOOLEAN TRUE
   618 04    4:           OCTET STRING, encapsulates {
   620 03    2:               BIT STRING 3 unused bits
              :                 '10000'B
              :               }
              :           }
   624 30   31:         SEQUENCE {
   626 06    3:           OBJECT IDENTIFIER authorityKeyIdentifier (2 5 29 35)
              :             (X.509 id-ce (2 5 29))
   631 04   24:           OCTET STRING, encapsulates {
   633 30   22:               SEQUENCE {
   635 80   20:                 [0]
              :                   70 44 3E 82 2E 6F 87 DE 4A D3 75 E3
3D 20 BC 43
              :                   2B 93 F1 1F
              :                 }
              :               }
              :           }
   657 30   29:         SEQUENCE {
   659 06    3:           OBJECT IDENTIFIER subjectKeyIdentifier (2 5 29 14)
              :             (X.509 id-ce (2 5 29))
   664 04   22:           OCTET STRING
              :             04 14 8D 53 1D 61 55 7F 60 35 6D A6 36 A2 C5 93
              :             F8 9A FD C0 75 74
              :           }
              :         }
              :       }
              :     }
   688 30    9:   SEQUENCE {
   690 06    7:     OBJECT IDENTIFIER dsaWithSha1 (1 2 840 10040 4 3)
              :       (ANSI X9.57 algorithm)
              :     }
   699 03   48:   BIT STRING 0 unused bits, encapsulates {
   702 30   45:       SEQUENCE {
   704 02   20:         INTEGER
              :           3E 51 42 08 E3 52 2E AA BB 8F BD 18 38 71 CB 98
              :           83 BE 47 9E
   726 02   21:         INTEGER
              :           00 B4 B3 15 85 99 11 06 40 1F 40 59 8D D4 1B 2D
              :           CD 81 F1 E8 68
              :         }
              :       }
              :   }

3.4 CRLs

CarlCRL is a CRL from Carl that contains three revocations.

CarlDSSCRLForAll =
     0 30  216: SEQUENCE {
     3 30  153:   SEQUENCE {
     6 30    9:     SEQUENCE {
     8 06    7:       OBJECT IDENTIFIER dsaWithSha1 (1 2 840 10040 4 3)
              :         (ANSI X9.57 algorithm)
              :       }
    17 30   18:     SEQUENCE {
    19 31   16:       SET {
    21 30   14:         SEQUENCE {
    23 06    3:           OBJECT IDENTIFIER commonName (2 5 4 3)
              :             (X.520 id-at (2 5 4))
    28 13    7:           PrintableString 'CarlDSS'
              :           }
              :         }
              :       }
    37 17   13:     UTCTime '990827070000Z'
    52 30  105:     SEQUENCE {
    54 30   19:       SEQUENCE {
    56 02    2:         INTEGER 200
    60 17   13:         UTCTime '990822070000Z'
              :         }
    75 30   19:       SEQUENCE {
    77 02    2:         INTEGER 201
    81 17   13:         UTCTime '990822070000Z'
              :         }
    96 30   19:       SEQUENCE {
    98 02    2:         INTEGER 211
   102 17   13:         UTCTime '990822070000Z'
              :         }
   117 30   19:       SEQUENCE {
   119 02    2:         INTEGER 210
   123 17   13:         UTCTime '990822070000Z'
              :         }
   138 30   19:       SEQUENCE {
   140 02    2:         INTEGER 212
   144 17   13:         UTCTime '990824070000Z'
              :         }
              :       }
              :     }
   159 30    9:   SEQUENCE {
   161 06    7:     OBJECT IDENTIFIER dsaWithSha1 (1 2 840 10040 4 3)
              :       (ANSI X9.57 algorithm)
              :     }
   170 03   47:   BIT STRING 0 unused bits, encapsulates {
   173 30   44:       SEQUENCE {
   175 02   20:         INTEGER
              :           7E 65 52 76 33 FE 34 73 17 D1 F7 96 F9 A0 D4 D8
              :           6D 5C 7D 3D
   197 02   20:         INTEGER
              :           02 7A 5B B7 D5 5B 18 C1 CF 87 EF 7E DA 24 F3 2A
              :           83 9C 35 A1
              :         }
              :       }
              :   }

CarlDSSCRLForCarl =
     0 30  131: SEQUENCE {
     3 30   68:   SEQUENCE {
     5 30    9:     SEQUENCE {
     7 06    7:       OBJECT IDENTIFIER dsaWithSha1 (1 2 840 10040 4 3)
              :         (ANSI X9.57 algorithm)
              :       }
    16 30   18:     SEQUENCE {
    18 31   16:       SET {
    20 30   14:         SEQUENCE {
    22 06    3:           OBJECT IDENTIFIER commonName (2 5 4 3)
              :             (X.520 id-at (2 5 4))
    27 13    7:           PrintableString 'CarlDSS'
              :           }
              :         }
              :       }
    36 17   13:     UTCTime '990825070000Z'
    51 30   20:     SEQUENCE {
    53 30   18:       SEQUENCE {
    55 02    1:         INTEGER 1
    58 17   13:         UTCTime '990822070000Z'
              :         }
              :       }
              :     }
    73 30    9:   SEQUENCE {
    75 06    7:     OBJECT IDENTIFIER dsaWithSha1 (1 2 840 10040 4 3)
              :       (ANSI X9.57 algorithm)
              :     }
    84 03   48:   BIT STRING 0 unused bits, encapsulates {
    87 30   45:       SEQUENCE {
    89 02   21:         INTEGER
              :           00 B3 1F C5 4F 7A 3D EC 76 D5 60 F9 DE 79 22 EC
              :           4F B0 90 FE 97
   112 02   20:         INTEGER
              :           5A 8B C3 84 BC 66 87 1B BF 79 82 5B 0A 5D 07 F6
              :           BA A9 05 29
              :         }
              :       }
              :   }

CarlDSSCRLEmpty =
     0 30  109: SEQUENCE {
     2 30   46:   SEQUENCE {
     4 30    9:     SEQUENCE {
     6 06    7:       OBJECT IDENTIFIER dsaWithSha1 (1 2 840 10040 4 3)
              :         (ANSI X9.57 algorithm)
              :       }
    15 30   18:     SEQUENCE {
    17 31   16:       SET {
    19 30   14:         SEQUENCE {
    21 06    3:           OBJECT IDENTIFIER commonName (2 5 4 3)
              :             (X.520 id-at (2 5 4))
    26 13    7:           PrintableString 'CarlDSS'
              :           }
              :         }
              :       }
    35 17   13:     UTCTime '990820070000Z'
              :     }
    50 30    9:   SEQUENCE {
    52 06    7:     OBJECT IDENTIFIER dsaWithSha1 (1 2 840 10040 4 3)
              :       (ANSI X9.57 algorithm)
              :     }
    61 03   48:   BIT STRING 0 unused bits, encapsulates {
    64 30   45:       SEQUENCE {
    66 02   20:         INTEGER
              :           62 3F 36 17 31 58 2E 67 50 79 F5 09 4B 8C AD D4
              :           6B F4 64 9F
    88 02   21:         INTEGER
              :           00 B5 3B 4E A1 4C 7B FD 0F C3 8D 9B B6 FE C3 5D
              :           6F DE 65 28 7D
              :         }
              :       }
              :   }

CarlRSACRLForAll =
     0 30  307: SEQUENCE {
     4 30  157:   SEQUENCE {
     7 30   13:     SEQUENCE {
     9 06    9:       OBJECT IDENTIFIER
              :         md5withRSAEncryption (1 2 840 113549 1 1 4)
              :         (PKCS #1)
    20 05    0:       NULL
              :       }
    22 30   18:     SEQUENCE {
    24 31   16:       SET {
    26 30   14:         SEQUENCE {
    28 06    3:           OBJECT IDENTIFIER commonName (2 5 4 3)
              :             (X.520 id-at (2 5 4))
    33 13    7:           PrintableString 'CarlRSA'
              :           }
              :         }
              :       }
    42 17   13:     UTCTime '990827070000Z'
    57 30  105:     SEQUENCE {
    59 30   33:       SEQUENCE {
    61 02   16:         INTEGER
              :           46 34 6B C7 80 00 56 BC 11 D3 6E 2E C4 10 B3 B0
    79 17   13:         UTCTime '990822070000Z'
              :         }
    94 30   33:       SEQUENCE {
    96 02   16:         INTEGER
              :           46 34 6B C7 80 00 56 BC 11 D3 6E 2E D5 9A 30 90
   114 17   13:         UTCTime '990822070000Z'
              :         }
   129 30   33:       SEQUENCE {
   131 02   16:         INTEGER
              :           46 34 6B C7 80 00 56 BC 11 D3 6E 2E CD 5D 71 D0
   149 17   13:         UTCTime '990824070000Z'
              :         }
              :       }
              :     }
   164 30   13:   SEQUENCE {
   166 06    9:     OBJECT IDENTIFIER md5withRSAEncryption (1 2 840
113549 1 1 4)
              :       (PKCS #1)
   177 05    0:     NULL
              :     }
   179 03  129:   BIT STRING 0 unused bits
              :     BF B3 97 AA 53 F0 32 21 16 2B 77 92 7A 6B BB 97
              :     C8 DC EA F1 FA 66 16 30 0E B5 9E 5C F0 81 D4 5E
              :     B3 6E C1 88 6B 8C D4 5E C5 4D FB 47 5E 66 F3 5D
              :     AB E5 B4 18 36 60 A8 4D 9C 3C 89 EC 6F 27 BF 35
              :     50 71 81 C2 B9 44 5B 62 89 19 12 31 A9 7B 9A D3
              :     CC 66 CB 11 D9 0B 10 47 77 AD 4F 22 D9 E5 7F 30
              :     F2 5B FC 94 51 A5 58 76 3B 1F A8 46 A6 1F F6 A1
              :     DE 55 A1 ED 31 88 69 97 0F 08 D3 D4 0C 60 5B 1E
              :   }

CarlRSACRLForCarl =
     0 30  236: SEQUENCE {
     3 30   87:   SEQUENCE {
     5 30   13:     SEQUENCE {
     7 06    9:       OBJECT IDENTIFIER
              :         md5withRSAEncryption (1 2 840 113549 1 1 4)
              :         (PKCS #1)
    18 05    0:       NULL
              :       }
    20 30   18:     SEQUENCE {
    22 31   16:       SET {
    24 30   14:         SEQUENCE {
    26 06    3:           OBJECT IDENTIFIER commonName (2 5 4 3)
              :             (X.520 id-at (2 5 4))
    31 13    7:           PrintableString 'CarlRSA'
              :           }
              :         }
              :       }
    40 17   13:     UTCTime '990825070000Z'
    55 30   35:     SEQUENCE {
    57 30   33:       SEQUENCE {
    59 02   16:         INTEGER
              :           46 34 6B C7 80 00 56 BC 11 D3 6E 2E 9F F2 50 20
    77 17   13:         UTCTime '990822070000Z'
              :         }
              :       }
              :     }
    92 30   13:   SEQUENCE {
    94 06    9:     OBJECT IDENTIFIER md5withRSAEncryption (1 2 840
113549 1 1 4)
              :       (PKCS #1)
   105 05    0:     NULL
              :     }
   107 03  129:   BIT STRING 0 unused bits
              :     21 EF 21 D4 C1 1A 85 95 49 6B CA 45 62 DC D7 09
              :     FF A9 51 2E 8E D9 47 18 FA F8 E5 72 DD 4F ED 74
              :     74 E3 F3 65 32 65 28 2C 9A 1D 57 E5 D5 26 06 EA
              :     D5 E6 23 95 84 8D 0E 89 9E EE 9B 0C 2F CE 07 F7
              :     A3 D1 6B 85 4C 0F FF E6 DD FC DC CD 73 2C 1E 7D
              :     DC B0 71 C5 4C FC 01 6E 52 57 69 1E 39 63 DF 12
              :     22 30 C7 13 55 94 05 6E 2A 00 A9 5B C4 2A 66 94
              :     62 CE 36 33 C2 2B 63 47 25 9D F3 DE 70 EE 00 56
              :   }

CarlRSACRLEmpty =
     0 30  199: SEQUENCE {
     3 30   50:   SEQUENCE {
     5 30   13:     SEQUENCE {
     7 06    9:       OBJECT IDENTIFIER
              :         md5withRSAEncryption (1 2 840 113549 1 1 4)
              :         (PKCS #1)
    18 05    0:       NULL
              :       }
    20 30   18:     SEQUENCE {
    22 31   16:       SET {
    24 30   14:         SEQUENCE {
    26 06    3:           OBJECT IDENTIFIER commonName (2 5 4 3)
              :             (X.520 id-at (2 5 4))
    31 13    7:           PrintableString 'CarlRSA'
              :           }
              :         }
              :       }
    40 17   13:     UTCTime '990820070000Z'
              :     }
    55 30   13:   SEQUENCE {
    57 06    9:     OBJECT IDENTIFIER md5withRSAEncryption (1 2 840
113549 1 1 4)
              :       (PKCS #1)
    68 05    0:     NULL
              :     }
    70 03  129:   BIT STRING 0 unused bits
              :     A9 C5 21 B8 13 7C 74 F3 B5 11 EC 04 F3 20 45 86
              :     1E 0B 6E 7F 83 6D 5F F4 34 76 06 59 25 0E 04 3D
              :     88 09 88 81 37 C4 DC 20 98 FA 17 81 0B 37 94 AC
              :     B4 8F 7B 51 89 14 A4 CB 72 73 14 07 BC 22 9C 40
              :     A1 07 FC 44 7C 85 0F 0B 88 D1 EE E1 0E AF F6 16
              :     74 AD A1 AF C1 00 75 00 64 EA A5 9A F6 0B 08 A2
              :     DB 95 19 5F A6 A7 B9 39 45 25 0A 0E F6 5E 84 E7
              :     F8 B9 5A C9 18 C2 0E B8 A0 96 BE 81 3A 80 6D C9
              :   }

4. Trivial Examples

This section covers examples of small CMS types.

4.1 ContentInfo with Data type, BER

The object is a ContentInfo containing a Data object in BER format that is
ExContent.

     0 30 NDEF: SEQUENCE {
     2 06    9:   OBJECT IDENTIFIER data (1 2 840 113549 1 7 1)
              :     (PKCS #7)
    13 A0 NDEF:   [0] {
    15 24 NDEF:     OCTET STRING {
    17 04    4:       OCTET STRING
              :         54 68 69 73
    23 04   24:       OCTET STRING
              :         20 69 73 20 73 6F 6D 65 20 73 61 6D 70 6C 65 20
              :         63 6F 6E 74 65 6E 74 2E
              :       }
              :     }
              :   }

4.2 ContentInfo with Data type, DER

The object is a ContentInfo containing a Data object in DER format that is
ExContent.

     0 30   43: SEQUENCE {
     2 06    9:   OBJECT IDENTIFIER data (1 2 840 113549 1 7 1)
              :     (PKCS #7)
    13 A0   30:   [0] {
    15 04   28:     OCTET STRING
              :       54 68 69 73 20 69 73 20 73 6F 6D 65 20 73 61 6D
              :       70 6C 65 20 63 6F 6E 74 65 6E 74 2E
              :     }
              :   }

5.  Signed-data

5.1 Basic signed content, DSS

A SignedData with no attribute certificates, signed by Alice using
DSS, just her certificate (not Carl's root cert), no CRL. The
message is ExContent, and is included in the eContent. There are no
signed or unsigned attributes.

     0 30  927: SEQUENCE {
     4 06    9:   OBJECT IDENTIFIER signedData (1 2 840 113549 1 7 2)
              :     (PKCS #7)
    15 A0  912:   [0] {
    19 30  908:     SEQUENCE {
    23 02    1:       INTEGER 1
    26 31   11:       SET {
    28 30    9:         SEQUENCE {
    30 06    5:           OBJECT IDENTIFIER sha1 (1 3 14 3 2 26)
              :             (OIW)
    37 05    0:           NULL
              :           }
              :         }
    39 30   43:       SEQUENCE {
    41 06    9:         OBJECT IDENTIFIER data (1 2 840 113549 1 7 1)
              :           (PKCS #7)
    52 A0   30:         [0] {
    54 04   28:           OCTET STRING
              :             54 68 69 73 20 69 73 20 73 6F 6D 65 20 73 61 6D
              :             70 6C 65 20 63 6F 6E 74 65 6E 74 2E
              :           }
              :         }
    84 A0  738:       [0] {
    88 30  734:         SEQUENCE {
    92 30  669:           SEQUENCE {
    96 A0    3:             [0] {
    98 02    1:               INTEGER 2
              :               }
   101 02    2:             INTEGER 200
   105 30    9:             SEQUENCE {
   107 06    7:               OBJECT IDENTIFIER dsaWithSha1 (1 2 840 10040 4 3)
              :                 (ANSI X9.57 algorithm)
              :               }
   116 30   18:             SEQUENCE {
   118 31   16:               SET {
   120 30   14:                 SEQUENCE {
   122 06    3:                   OBJECT IDENTIFIER commonName (2 5 4 3)
              :                     (X.520 id-at (2 5 4))
   127 13    7:                   PrintableString 'CarlDSS'
              :                   }
              :                 }
              :               }
   136 30   30:             SEQUENCE {
   138 17   13:               UTCTime '990817011049Z'
   153 17   13:               UTCTime '391231235959Z'
              :               }
   168 30   19:             SEQUENCE {
   170 31   17:               SET {
   172 30   15:                 SEQUENCE {
   174 06    3:                   OBJECT IDENTIFIER commonName (2 5 4 3)
              :                     (X.520 id-at (2 5 4))
   179 13    8:                   PrintableString 'AliceDSS'
              :                   }
              :                 }
              :               }
   189 30  438:             SEQUENCE {
   193 30  299:               SEQUENCE {
   197 06    7:                 OBJECT IDENTIFIER dsa (1 2 840 10040 4 1)
              :                   (ANSI X9.57 algorithm)
   206 30  286:                 SEQUENCE {
   210 02  129:                   INTEGER
              :                   00 81 8D CD ED 83 EA 0A 9E 39 3E C2
48 28 A3 E4
              :                   47 93 DD 0E D7 A8 0E EC 53 C5 AB 84
08 4F FF 94
              :                   E1 73 48 7E 0C D6 F3 44 48 D1 FE 9F
AF A4 A1 89
              :                   2F E1 D9 30 C8 36 DE 3F 9B BF B7 4C
DC 5F 69 8A
              :                   E4 75 D0 37 0C 91 08 95 9B DE A7 5E
F9 FC F4 9F
              :                   2F DD 43 A8 8B 54 F1 3F B0 07 08 47
4D 5D 88 C3
              :                   C3 B5 B3 E3 55 08 75 D5 39 76 10 C4
78 BD FF 9D
              :                   B0 84 97 37 F2 E4 51 1B B5 E4 09 96
5C F3 7E 5B
              :                   DB
   342 02   21:                   INTEGER
              :                   00 E2 47 A6 1A 45 66 B8 13 C6 DA 8F
B8 37 21 2B
              :                   62 8B F7 93 CD
   365 02  128:                   INTEGER
              :                   26 38 D0 14 89 32 AA 39 FB 3E 6D D9
4B 59 6A 4C
              :                   76 23 39 04 02 35 5C F2 CB 1A 30 C3
1E 50 5D DD
              :                   9B 59 E2 CD AA 05 3D 58 C0 7B A2 36
B8 6E 07 AF
              :                   7D 8A 42 25 A7 F4 75 CF 4A 08 5E 4B
3E 90 F8 6D
              :                   EA 9C C9 21 8A 3B 76 14 E9 CE 2E 5D
A3 07 CD 23
              :                   85 B8 2F 30 01 7C 6D 49 89 11 89 36
44 BD F8 C8
              :                   95 4A 53 56 B5 E2 F9 73 EC 1A 61 36
1F 11 7F C2
              :                   BD ED D1 50 FF 98 74 C2 D1 81 4A 60
39 BA 36 39
              :                   }
              :                 }
   496 03  132:               BIT STRING 0 unused bits, encapsulates {
   500 02  128:                   INTEGER
              :                   5C E3 B9 5A 75 14 96 0B A9 7A DD E3
3F A9 EC AC
              :                   5E DC BD B7 13 11 34 A6 16 89 28 11
23 D9 34 86
              :                   67 75 75 13 12 3D 43 5B 6F E5 51 BF
FA 89 F2 A2
              :                   1B 3E 24 7D 3D 07 8D 5B 63 C8 BB 45
A5 A0 4A E3
              :                   85 D6 CE 06 80 3F E8 23 7E 1A F2 24
AB 53 1A B8
              :                   27 0D 1E EF 08 BF 66 14 80 5C 62 AC
65 FA 15 8B
              :                   F1 BB 34 D4 D2 96 37 F6 61 47 B2 C4
32 84 F0 7E
              :                   41 40 FD 46 A7 63 4E 33 F2 A5 E2 F4
F2 83 E5 B8
              :                   }
              :               }
   631 A3  131:             [3] {
   634 30  128:               SEQUENCE {
   637 30   32:                 SEQUENCE {
   639 06    3:                   OBJECT IDENTIFIER subjectAltName (2 5 29 17)
              :                     (X.509 id-ce (2 5 29))
   644 04   25:                   OCTET STRING, encapsulates {
   646 30   23:                       SEQUENCE {
   648 81   21:                         [1] 'aliceDss@examples.com'
              :                         }
              :                       }
              :                   }
   671 30   12:                 SEQUENCE {
   673 06    3:                   OBJECT IDENTIFIER basicConstraints (2 5 29 19)
              :                     (X.509 id-ce (2 5 29))
   678 01    1:                   BOOLEAN TRUE
   681 04    2:                   OCTET STRING, encapsulates {
   683 30    0:                       SEQUENCE {}
              :                       }
              :                   }
   685 30   14:                 SEQUENCE {
   687 06    3:                   OBJECT IDENTIFIER keyUsage (2 5 29 15)
              :                     (X.509 id-ce (2 5 29))
   692 01    1:                   BOOLEAN TRUE
   695 04    4:                   OCTET STRING, encapsulates {
   697 03    2:                       BIT STRING 6 unused bits
              :                         '11'B
              :                       }
              :                   }
   701 30   31:                 SEQUENCE {
   703 06    3:                   OBJECT IDENTIFIER
              :                     authorityKeyIdentifier (2 5 29 35)
              :                     (X.509 id-ce (2 5 29))
   708 04   24:                   OCTET STRING, encapsulates {
   710 30   22:                       SEQUENCE {
   712 80   20:                         [0]
              :                   70 44 3E 82 2E 6F 87 DE 4A D3 75 E3
3D 20 BC 43
              :                   2B 93 F1 1F
              :                         }
              :                       }
              :                   }
   734 30   29:                 SEQUENCE {
   736 06    3:                   OBJECT IDENTIFIER
              :                     subjectKeyIdentifier (2 5 29 14)
              :                     (X.509 id-ce (2 5 29))
   741 04   22:                   OCTET STRING
              :                   04 14 BE 6C A1 B3 E3 C1 F7 ED 43 70
A4 CE 13 01
              :                   E2 FD E3 97 FE CD
              :                   }
              :                 }
              :               }
              :             }
   765 30    9:           SEQUENCE {
   767 06    7:             OBJECT IDENTIFIER dsaWithSha1 (1 2 840 10040 4 3)
              :               (ANSI X9.57 algorithm)
              :             }
   776 03   48:           BIT STRING 0 unused bits, encapsulates {
   779 30   45:               SEQUENCE {
   781 02   21:                 INTEGER
              :                   00 98 B0 C6 3F CF 71 47 5A 35 A9 4A
8F C0 F8 24
              :                   05 E8 46 94 8E
   804 02   20:                 INTEGER
              :                   5B 9F 48 C0 8C A1 C1 02 9C 44 EA E9
A1 87 C1 A5
              :                   7F 28 2D BB
              :                 }
              :               }
              :           }
              :         }
   826 31  103:       SET {
   828 30  101:         SEQUENCE {
   830 02    1:           INTEGER 1
   833 30   24:           SEQUENCE {
   835 30   18:             SEQUENCE {
   837 31   16:               SET {
   839 30   14:                 SEQUENCE {
   841 06    3:                   OBJECT IDENTIFIER commonName (2 5 4 3)
              :                     (X.520 id-at (2 5 4))
   846 13    7:                   PrintableString 'CarlDSS'
              :                   }
              :                 }
              :               }
   855 02    2:             INTEGER 200
              :             }
   859 30    9:           SEQUENCE {
   861 06    5:             OBJECT IDENTIFIER sha1 (1 3 14 3 2 26)
              :               (OIW)
   868 05    0:             NULL
              :             }
   870 30    9:           SEQUENCE {
   872 06    7:             OBJECT IDENTIFIER dsaWithSha1 (1 2 840 10040 4 3)
              :               (ANSI X9.57 algorithm)
              :             }
   881 04   48:           OCTET STRING, encapsulates {
   883 30   45:               SEQUENCE {
   885 02   20:                 INTEGER
              :                   08 D0 45 7D 63 E1 39 EC 62 B0 30 C2
29 AD 42 EA
              :                   96 4F 91 86
   907 02   21:                 INTEGER
              :                   00 A6 86 EE 8A 7A 05 A7 E0 07 E6 F9
88 BF 93 FB
              :                   96 4D 76 D3 92
              :                 }
              :             }
              :           }
              :           }
              :         }
              :       }
              :     }
              :   }

5.2 Basic signed content, RSA

Same as 5.1, except using RSA signatures. A SignedData with no
attribute certificates, signed by Alice using RSA, just her certificate
(not Carl's root cert), no CRL. The message is ExContent, and is
included in the eContent. There are no signed or unsigned attributes.

     0 30  816: SEQUENCE {
     4 06    9:   OBJECT IDENTIFIER signedData (1 2 840 113549 1 7 2)
              :     (PKCS #7)
    15 A0  801:   [0] {
    19 30  797:     SEQUENCE {
    23 02    1:       INTEGER 1
    26 31   11:       SET {
    28 30    9:         SEQUENCE {
    30 06    5:           OBJECT IDENTIFIER sha1 (1 3 14 3 2 26)
              :             (OIW)
    37 05    0:           NULL
              :           }
              :         }
    39 30   43:       SEQUENCE {
    41 06    9:         OBJECT IDENTIFIER data (1 2 840 113549 1 7 1)
              :           (PKCS #7)
    52 A0   30:         [0] {
    54 04   28:           OCTET STRING
              :             54 68 69 73 20 69 73 20 73 6F 6D 65 20 73 61 6D
              :             70 6C 65 20 63 6F 6E 74 65 6E 74 2E
              :           }
              :         }
    84 A0  526:       [0] {
    88 30  522:         SEQUENCE {
    92 30  371:           SEQUENCE {
    96 A0    3:             [0] {
    98 02    1:               INTEGER 2
              :               }
   101 02   16:             INTEGER
              :               46 34 6B C7 80 00 56 BC 11 D3 6E 2E C4 10 B3 B0
   119 30   13:             SEQUENCE {
   121 06    9:               OBJECT IDENTIFIER
              :                 sha1withRSAEncryption (1 2 840 113549 1 1 5)
              :                 (PKCS #1)
   132 05    0:               NULL
              :               }
   134 30   18:             SEQUENCE {
   136 31   16:               SET {
   138 30   14:                 SEQUENCE {
   140 06    3:                   OBJECT IDENTIFIER commonName (2 5 4 3)
              :                     (X.520 id-at (2 5 4))
   145 13    7:                   PrintableString 'CarlRSA'
              :                   }
              :                 }
              :               }
   154 30   30:             SEQUENCE {
   156 17   13:               UTCTime '990819070000Z'
   171 17   13:               UTCTime '391231235959Z'
              :               }
   186 30   19:             SEQUENCE {
   188 31   17:               SET {
   190 30   15:                 SEQUENCE {
   192 06    3:                   OBJECT IDENTIFIER commonName (2 5 4 3)
              :                     (X.520 id-at (2 5 4))
   197 13    8:                   PrintableString 'AliceRSA'
              :                   }
              :                 }
              :               }
   207 30  159:             SEQUENCE {
   210 30   13:               SEQUENCE {
   212 06    9:                 OBJECT IDENTIFIER
              :                   rsaEncryption (1 2 840 113549 1 1 1)
              :                   (PKCS #1)
   223 05    0:                 NULL
              :                 }
   225 03  141:               BIT STRING 0 unused bits, encapsulates {
   229 30  137:                   SEQUENCE {
   232 02  129:                     INTEGER
              :                   00 E0 89 73 39 8D D8 F5 F5 E8 87 76
39 7F 4E B0
              :                   05 BB 53 83 DE 0F B7 AB DC 7D C7 75
29 0D 05 2E
              :                   6D 12 DF A6 86 26 D4 D2 6F AA 58 29
FC 97 EC FA
              :                   82 51 0F 30 80 BE B1 50 9E 46 44 F1
2C BB D8 32
              :                   CF C6 68 6F 07 D9 B0 60 AC BE EE 34
09 6A 13 F5
              :                   F7 05 05 93 DF 5E BA 35 56 D9 61 FF
19 7F C9 81
              :                   E6 F8 6C EA 87 40 70 EF AC 6D 2C 74
9F 2D FA 55
              :                   3A B9 99 77 02 A6 48 52 8C 4E F3 57
38 57 74 57
              :                   5F
   364 02    3:                     INTEGER 65537
              :                     }
              :                   }
              :               }
   369 A3   96:             [3] {
   371 30   94:               SEQUENCE {
   373 30   12:                 SEQUENCE {
   375 06    3:                   OBJECT IDENTIFIER basicConstraints (2 5 29 19)
              :                     (X.509 id-ce (2 5 29))
   380 01    1:                   BOOLEAN TRUE
   383 04    2:                   OCTET STRING, encapsulates {
   385 30    0:                       SEQUENCE {}
              :                       }
              :                   }
   387 30   14:                 SEQUENCE {
   389 06    3:                   OBJECT IDENTIFIER keyUsage (2 5 29 15)
              :                     (X.509 id-ce (2 5 29))
   394 01    1:                   BOOLEAN TRUE
   397 04    4:                   OCTET STRING, encapsulates {
   399 03    2:                       BIT STRING 6 unused bits
              :                         '11'B
              :                       }
              :                   }
   403 30   31:                 SEQUENCE {
   405 06    3:                   OBJECT IDENTIFIER
              :                     authorityKeyIdentifier (2 5 29 35)
              :                     (X.509 id-ce (2 5 29))
   410 04   24:                   OCTET STRING, encapsulates {
   412 30   22:                       SEQUENCE {
   414 80   20:                         [0]
              :                   E9 E0 90 27 AC 78 20 7A 9A D3 4C F2
42 37 4E 22
              :                   AE 9E 38 BB
              :                         }
              :                       }
              :                   }
   436 30   29:                 SEQUENCE {
   438 06    3:                   OBJECT IDENTIFIER
              :                     subjectKeyIdentifier (2 5 29 14)
              :                     (X.509 id-ce (2 5 29))
   443 04   22:                   OCTET STRING
              :                   04 14 77 D2 B4 D1 B7 4C 8A 8A A3 CE
45 9D CE EC
              :                   3C A0 3A E3 FF 50
              :                   }
              :                 }
              :               }
              :             }
   467 30   13:           SEQUENCE {
   469 06    9:             OBJECT IDENTIFIER
              :               sha1withRSAEncryption (1 2 840 113549 1 1 5)
              :               (PKCS #1)
   480 05    0:             NULL
              :             }
   482 03  129:           BIT STRING 0 unused bits
              :             52 FF B3 8B 54 1E 08 BF F3 6D 0C 12 08 7D 8E CB
              :             6E 59 EC 56 93 A6 4A 22 40 5F 8B 14 79 7E 83 4F
              :             F5 3F DE 21 97 16 58 70 76 32 B2 20 51 A3 1A 1F
              :             97 48 80 5C 83 B0 B8 93 0B 03 44 AE BF BE A4 8C
              :             06 C6 45 E2 81 08 D5 89 58 0C 28 1B 2D A5 8B 1C
              :             4A E3 D7 44 34 D4 CB 53 FC BA A9 8B AA B6 E9 B0
              :             C3 AB 74 F1 2A F1 B0 C6 38 EA 87 02 1E 10 BB 99
              :             C4 BE 36 C0 08 BA 13 65 37 3E 36 F3 31 42 73 18
              :           }
              :         }
   614 31  203:       SET {
   617 30  200:         SEQUENCE {
   620 02    1:           INTEGER 1
   623 30   38:           SEQUENCE {
   625 30   18:             SEQUENCE {
   627 31   16:               SET {
   629 30   14:                 SEQUENCE {
   631 06    3:                   OBJECT IDENTIFIER commonName (2 5 4 3)
              :                     (X.520 id-at (2 5 4))
   636 13    7:                   PrintableString 'CarlRSA'
              :                   }
              :                 }
              :               }
   645 02   16:             INTEGER
              :               46 34 6B C7 80 00 56 BC 11 D3 6E 2E C4 10 B3 B0
              :             }
   663 30    9:           SEQUENCE {
   665 06    5:             OBJECT IDENTIFIER sha1 (1 3 14 3 2 26)
              :               (OIW)
   672 05    0:             NULL
              :             }
   674 30   13:           SEQUENCE {
   676 06    9:             OBJECT IDENTIFIER
              :               rsaEncryption (1 2 840 113549 1 1 1)
              :               (PKCS #1)
   687 05    0:             NULL
              :             }
   689 04  128:           OCTET STRING
              :             2F 23 82 D2 F3 09 5F B8 0C 58 EB 4E 9D BF 89 9A
              :             81 E5 75 C4 91 3D D3 D0 D5 7B B6 D5 FE 94 A1 8A
              :             AC E3 C4 84 F5 CD 60 4E 27 95 F6 CF 00 86 76 75
              :             3F 2B F0 E7 D4 02 67 A7 F5 C7 8D 16 04 A5 B3 B5
              :             E7 D9 32 F0 24 EF E7 20 44 D5 9F 07 C5 53 24 FA
              :             CE 01 1D 0F 17 13 A7 2A 95 9D 2B E4 03 95 14 0B
              :             E9 39 0D BA CE 6E 9C 9E 0C E8 98 E6 55 13 D4 68
              :             6F D0 07 D7 A2 B1 62 4C E3 8F AF FD E0 D5 5D C7
              :           }
              :         }
              :       }
              :     }
              :   }

5.3 Basic signed content, detached content

Same as 5.1, except with no eContent. A SignedData with no attribute
certificates, signed by Alice using DSS, just her certificate (not
Carl's root cert), no CRL. The message is ExContent, but the eContent
is not included. There are no signed or unsigned attributes.

     0 30  895: SEQUENCE {
     4 06    9:   OBJECT IDENTIFIER signedData (1 2 840 113549 1 7 2)
              :     (PKCS #7)
    15 A0  880:   [0] {
    19 30  876:     SEQUENCE {
    23 02    1:       INTEGER 1
    26 31   11:       SET {
    28 30    9:         SEQUENCE {
    30 06    5:           OBJECT IDENTIFIER sha1 (1 3 14 3 2 26)
              :             (OIW)
    37 05    0:           NULL
              :           }
              :         }
    39 30   11:       SEQUENCE {
    41 06    9:         OBJECT IDENTIFIER data (1 2 840 113549 1 7 1)
              :           (PKCS #7)
              :         }
    52 A0  738:       [0] {
    56 30  734:         SEQUENCE {
    60 30  669:           SEQUENCE {
    64 A0    3:             [0] {
    66 02    1:               INTEGER 2
              :               }
    69 02    2:             INTEGER 200
    73 30    9:             SEQUENCE {
    75 06    7:               OBJECT IDENTIFIER dsaWithSha1 (1 2 840 10040 4 3)
              :                 (ANSI X9.57 algorithm)
              :               }
    84 30   18:             SEQUENCE {
    86 31   16:               SET {
    88 30   14:                 SEQUENCE {
    90 06    3:                   OBJECT IDENTIFIER commonName (2 5 4 3)
              :                     (X.520 id-at (2 5 4))
    95 13    7:                   PrintableString 'CarlDSS'
              :                   }
              :                 }
              :               }
   104 30   30:             SEQUENCE {
   106 17   13:               UTCTime '990817011049Z'
   121 17   13:               UTCTime '391231235959Z'
              :               }
   136 30   19:             SEQUENCE {
   138 31   17:               SET {
   140 30   15:                 SEQUENCE {
   142 06    3:                   OBJECT IDENTIFIER commonName (2 5 4 3)
              :                     (X.520 id-at (2 5 4))
   147 13    8:                   PrintableString 'AliceDSS'
              :                   }
              :                 }
              :               }
   157 30  438:             SEQUENCE {
   161 30  299:               SEQUENCE {
   165 06    7:                 OBJECT IDENTIFIER dsa (1 2 840 10040 4 1)
              :                   (ANSI X9.57 algorithm)
   174 30  286:                 SEQUENCE {
   178 02  129:                   INTEGER
              :                   00 81 8D CD ED 83 EA 0A 9E 39 3E C2
48 28 A3 E4
              :                   47 93 DD 0E D7 A8 0E EC 53 C5 AB 84
08 4F FF 94
              :                   E1 73 48 7E 0C D6 F3 44 48 D1 FE 9F
AF A4 A1 89
              :                   2F E1 D9 30 C8 36 DE 3F 9B BF B7 4C
DC 5F 69 8A
              :                   E4 75 D0 37 0C 91 08 95 9B DE A7 5E
F9 FC F4 9F
              :                   2F DD 43 A8 8B 54 F1 3F B0 07 08 47
4D 5D 88 C3
              :                   C3 B5 B3 E3 55 08 75 D5 39 76 10 C4
78 BD FF 9D
              :                   B0 84 97 37 F2 E4 51 1B B5 E4 09 96
5C F3 7E 5B
              :                   DB
   310 02   21:                   INTEGER
              :                   00 E2 47 A6 1A 45 66 B8 13 C6 DA 8F
B8 37 21 2B
              :                   62 8B F7 93 CD
   333 02  128:                   INTEGER
              :                   26 38 D0 14 89 32 AA 39 FB 3E 6D D9
4B 59 6A 4C
              :                   76 23 39 04 02 35 5C F2 CB 1A 30 C3
1E 50 5D DD
              :                   9B 59 E2 CD AA 05 3D 58 C0 7B A2 36
B8 6E 07 AF
              :                   7D 8A 42 25 A7 F4 75 CF 4A 08 5E 4B
3E 90 F8 6D
              :                   EA 9C C9 21 8A 3B 76 14 E9 CE 2E 5D
A3 07 CD 23
              :                   85 B8 2F 30 01 7C 6D 49 89 11 89 36
44 BD F8 C8
              :                   95 4A 53 56 B5 E2 F9 73 EC 1A 61 36
1F 11 7F C2
              :                   BD ED D1 50 FF 98 74 C2 D1 81 4A 60
39 BA 36 39
              :                   }
              :                 }
   464 03  132:               BIT STRING 0 unused bits, encapsulates {
   468 02  128:                   INTEGER
              :                   5C E3 B9 5A 75 14 96 0B A9 7A DD E3
3F A9 EC AC
              :                   5E DC BD B7 13 11 34 A6 16 89 28 11
23 D9 34 86
              :                   67 75 75 13 12 3D 43 5B 6F E5 51 BF
FA 89 F2 A2
              :                   1B 3E 24 7D 3D 07 8D 5B 63 C8 BB 45
A5 A0 4A E3
              :                   85 D6 CE 06 80 3F E8 23 7E 1A F2 24
AB 53 1A B8
              :                   27 0D 1E EF 08 BF 66 14 80 5C 62 AC
65 FA 15 8B
              :                   F1 BB 34 D4 D2 96 37 F6 61 47 B2 C4
32 84 F0 7E
              :                   41 40 FD 46 A7 63 4E 33 F2 A5 E2 F4
F2 83 E5 B8
              :                   }
              :               }
   599 A3  131:             [3] {
   602 30  128:               SEQUENCE {
   605 30   32:                 SEQUENCE {
   607 06    3:                   OBJECT IDENTIFIER subjectAltName (2 5 29 17)
              :                     (X.509 id-ce (2 5 29))
   612 04   25:                   OCTET STRING, encapsulates {
   614 30   23:                       SEQUENCE {
   616 81   21:                         [1] 'aliceDss@examples.com'
              :                         }
              :                       }
              :                   }
   639 30   12:                 SEQUENCE {
   641 06    3:                   OBJECT IDENTIFIER basicConstraints (2 5 29 19)
              :                     (X.509 id-ce (2 5 29))
   646 01    1:                   BOOLEAN TRUE
   649 04    2:                   OCTET STRING, encapsulates {
   651 30    0:                       SEQUENCE {}
              :                       }
              :                   }
   653 30   14:                 SEQUENCE {
   655 06    3:                   OBJECT IDENTIFIER keyUsage (2 5 29 15)
              :                     (X.509 id-ce (2 5 29))
   660 01    1:                   BOOLEAN TRUE
   663 04    4:                   OCTET STRING, encapsulates {
   665 03    2:                       BIT STRING 6 unused bits
              :                         '11'B
              :                       }
              :                   }
   669 30   31:                 SEQUENCE {
   671 06    3:                   OBJECT IDENTIFIER
              :                     authorityKeyIdentifier (2 5 29 35)
              :                     (X.509 id-ce (2 5 29))
   676 04   24:                   OCTET STRING, encapsulates {
   678 30   22:                       SEQUENCE {
   680 80   20:                         [0]
              :                   70 44 3E 82 2E 6F 87 DE 4A D3 75 E3
3D 20 BC 43
              :                   2B 93 F1 1F
              :                         }
              :                       }
              :                   }
   702 30   29:                 SEQUENCE {
   704 06    3:                   OBJECT IDENTIFIER
              :                     subjectKeyIdentifier (2 5 29 14)
              :                     (X.509 id-ce (2 5 29))
   709 04   22:                   OCTET STRING
              :                   04 14 BE 6C A1 B3 E3 C1 F7 ED 43 70
A4 CE 13 01
              :                   E2 FD E3 97 FE CD
              :                   }
              :                 }
              :               }
              :             }
   733 30    9:           SEQUENCE {
   735 06    7:             OBJECT IDENTIFIER dsaWithSha1 (1 2 840 10040 4 3)
              :               (ANSI X9.57 algorithm)
              :             }
   744 03   48:           BIT STRING 0 unused bits, encapsulates {
   747 30   45:               SEQUENCE {
   749 02   21:                 INTEGER
              :                   00 98 B0 C6 3F CF 71 47 5A 35 A9 4A
8F C0 F8 24
              :                   05 E8 46 94 8E
   772 02   20:                 INTEGER
              :                   5B 9F 48 C0 8C A1 C1 02 9C 44 EA E9
A1 87 C1 A5
              :                   7F 28 2D BB
              :                 }
              :               }
              :           }
              :         }
   794 31  103:       SET {
   796 30  101:         SEQUENCE {
   798 02    1:           INTEGER 1
   801 30   24:           SEQUENCE {
   803 30   18:             SEQUENCE {
   805 31   16:               SET {
   807 30   14:                 SEQUENCE {
   809 06    3:                   OBJECT IDENTIFIER commonName (2 5 4 3)
              :                     (X.520 id-at (2 5 4))
   814 13    7:                   PrintableString 'CarlDSS'
              :                   }
              :                 }
              :               }
   823 02    2:             INTEGER 200
              :             }
   827 30    9:           SEQUENCE {
   829 06    5:             OBJECT IDENTIFIER sha1 (1 3 14 3 2 26)
              :               (OIW)
   836 05    0:             NULL
              :             }
   838 30    9:           SEQUENCE {
   840 06    7:             OBJECT IDENTIFIER dsaWithSha1 (1 2 840 10040 4 3)
              :               (ANSI X9.57 algorithm)
              :             }
   849 04   48:           OCTET STRING, encapsulates {
   851 30   44:               SEQUENCE {
   853 02   20:                 INTEGER
              :                   15 D0 DC EE FF D4 36 5B 93 0D CF 69
3D 37 45 A0
              :                   34 9A 63 35
   875 02   20:                 INTEGER
              :                   49 75 76 4C 33 00 0A AB 90 FD EF 9C
47 80 21 F1
              :                   49 EA 02 15
              :                 }
              :               }
              :           }
              :         }
              :       }
              :     }
              :   }

5.4 Fancier signed content

Same as 5.1, but includes Carl's root cert, Carl's CRL, some signed and
unsigned attributes (Countersignature by Diane). A SignedData with no
attribute certificates, signed by Alice using DSS, her certificate
and Carl's root cert, Carl's DSS CRL. The message is ExContent, and is
included in the eContent. The signed attributes are Content Type,
Message Digest and Signing Time; the unsigned attributes are content
hint and counter signature.

     0 30 2727: SEQUENCE {
     4 06    9:   OBJECT IDENTIFIER signedData (1 2 840 113549 1 7 2)
              :     (PKCS #7)
    15 A0 2712:   [0] {
    19 30 2708:     SEQUENCE {
    23 02    1:       INTEGER 1
    26 31    9:       SET {
    28 30    7:         SEQUENCE {
    30 06    5:           OBJECT IDENTIFIER sha1 (1 3 14 3 2 26)
              :             (OIW)
              :           }
              :         }
    37 30   43:       SEQUENCE {
    39 06    9:         OBJECT IDENTIFIER data (1 2 840 113549 1 7 1)
              :           (PKCS #7)
    50 A0   30:         [0] {
    52 04   28:           OCTET STRING
              :             54 68 69 73 20 69 73 20 73 6F 6D 65 20 73 61 6D
              :             70 6C 65 20 63 6F 6E 74 65 6E 74 2E
              :           }
              :         }
    82 A0 1927:       [0] {
    86 30  514:         SEQUENCE {
    90 30  367:           SEQUENCE {
    94 A0    3:             [0] {
    96 02    1:               INTEGER 2
              :               }
    99 02   16:             INTEGER
              :               46 34 6B C7 80 00 56 BC 11 D3 6E 2E C4 10 B3 B0
   117 30    9:             SEQUENCE {
   119 06    5:               OBJECT IDENTIFIER
              :                 sha-1WithRSAEncryption (1 3 14 3 2 29)
              :                 (Oddball OIW OID)
   126 05    0:               NULL
              :               }
   128 30   18:             SEQUENCE {
   130 31   16:               SET {
   132 30   14:                 SEQUENCE {
   134 06    3:                   OBJECT IDENTIFIER commonName (2 5 4 3)
              :                     (X.520 id-at (2 5 4))
   139 13    7:                   PrintableString 'CarlRSA'
              :                   }
              :                 }
              :               }
   148 30   30:             SEQUENCE {
   150 17   13:               UTCTime '990919010847Z'
   165 17   13:               UTCTime '391231235959Z'
              :               }
   180 30   19:             SEQUENCE {
   182 31   17:               SET {
   184 30   15:                 SEQUENCE {
   186 06    3:                   OBJECT IDENTIFIER commonName (2 5 4 3)
              :                     (X.520 id-at (2 5 4))
   191 13    8:                   PrintableString 'AliceRSA'
              :                   }
              :                 }
              :               }
   201 30  159:             SEQUENCE {
   204 30   13:               SEQUENCE {
   206 06    9:                 OBJECT IDENTIFIER
              :                   rsaEncryption (1 2 840 113549 1 1 1)
              :                   (PKCS #1)
   217 05    0:                 NULL
              :                 }
   219 03  141:               BIT STRING 0 unused bits
              :                 30 81 89 02 81 81 00 E0 89 73 39 8D D8 F5 F5 E8
              :                 87 76 39 7F 4E B0 05 BB 53 83 DE 0F B7 AB DC 7D
              :                 C7 75 29 0D 05 2E 6D 12 DF A6 86 26 D4 D2 6F AA
              :                 58 29 FC 97 EC FA 82 51 0F 30 80 BE B1 50 9E 46
              :                 44 F1 2C BB D8 32 CF C6 68 6F 07 D9 B0 60 AC BE
              :                 EE 34 09 6A 13 F5 F7 05 05 93 DF 5E BA 35 56 D9
              :                 61 FF 19 7F C9 81 E6 F8 6C EA 87 40 70 EF AC 6D
              :                 2C 74 9F 2D FA 55 3A B9 99 77 02 A6 48 52 8C 4E
              :                         [ Another 12 bytes skipped ]
              :               }
   363 A3   96:             [3] {
   365 30   94:               SEQUENCE {
   367 30   12:                 SEQUENCE {
   369 06    3:                   OBJECT IDENTIFIER basicConstraints (2 5 29 19)
              :                     (X.509 id-ce (2 5 29))
   374 01    1:                   BOOLEAN TRUE
   377 04    2:                   OCTET STRING
              :                   30 00
              :                   }
   381 30   14:                 SEQUENCE {
   383 06    3:                   OBJECT IDENTIFIER keyUsage (2 5 29 15)
              :                     (X.509 id-ce (2 5 29))
   388 01    1:                   BOOLEAN TRUE
   391 04    4:                   OCTET STRING
              :                   03 02 06 C0
              :                   }
   397 30   31:                 SEQUENCE {
   399 06    3:                   OBJECT IDENTIFIER
              :                     authorityKeyIdentifier (2 5 29 35)
              :                     (X.509 id-ce (2 5 29))
   404 04   24:                   OCTET STRING
              :                   30 16 80 14 E9 E0 90 27 AC 78 20 7A
9A D3 4C F2
              :                   42 37 4E 22 AE 9E 38 BB
              :                   }
   430 30   29:                 SEQUENCE {
   432 06    3:                   OBJECT IDENTIFIER
              :                     subjectKeyIdentifier (2 5 29 14)
              :                     (X.509 id-ce (2 5 29))
   437 04   22:                   OCTET STRING
              :                   04 14 77 D2 B4 D1 B7 4C 8A 8A A3 CE
45 9D CE EC
              :                   3C A0 3A E3 FF 50
              :                   }
              :                 }
              :               }
              :             }
   461 30    9:           SEQUENCE {
   463 06    5:             OBJECT IDENTIFIER
              :               sha-1WithRSAEncryption (1 3 14 3 2 29)
              :               (Oddball OIW OID)
   470 05    0:             NULL
              :             }
   472 03  129:           BIT STRING 0 unused bits
              :             BF 34 32 E6 FC 6A 88 41 7D F0 5C 99 A1 93 B7 49
              :             B7 02 52 1E CB 84 AC 93 D7 58 2B 00 A1 9C C4 48
              :             48 99 DD 02 C3 C6 05 F8 D2 25 F1 A3 9C C9 33 01
              :             8A 76 0E 6F 77 43 A3 BF E1 E6 B3 6A 04 79 39 EE
              :             E1 E9 E5 9D 50 07 8B 22 DC 12 50 E3 F3 B4 3D 9E
              :             E5 93 9E B1 CD 33 F9 E0 AB 98 71 09 F8 EB B0 FC
              :             9C EC F1 88 D8 AE 03 D1 FE 60 E1 62 14 B1 A2 23
              :             D2 C8 8D 18 1F 5E EE 9B 72 02 27 C2 85 3D 04 2E
              :           }
   604 30  667:         SEQUENCE {
   608 30  602:           SEQUENCE {
   612 A0    3:             [0] {
   614 02    1:               INTEGER 2
              :               }
   617 02    1:             INTEGER 1
   620 30    9:             SEQUENCE {
   622 06    7:               OBJECT IDENTIFIER dsaWithSha1 (1 2 840 10040 4 3)
              :                 (ANSI X9.57 algorithm)
              :               }
   631 30   18:             SEQUENCE {
   633 31   16:               SET {
   635 30   14:                 SEQUENCE {
   637 06    3:                   OBJECT IDENTIFIER commonName (2 5 4 3)
              :                     (X.520 id-at (2 5 4))
   642 13    7:                   PrintableString 'CarlDSS'
              :                   }
              :                 }
              :               }
   651 30   30:             SEQUENCE {
   653 17   13:               UTCTime '990816225050Z'
   668 17   13:               UTCTime '391231235959Z'
              :               }
   683 30   18:             SEQUENCE {
   685 31   16:               SET {
   687 30   14:                 SEQUENCE {
   689 06    3:                   OBJECT IDENTIFIER commonName (2 5 4 3)
              :                     (X.520 id-at (2 5 4))
   694 13    7:                   PrintableString 'CarlDSS'
              :                   }
              :                 }
              :               }
   703 30  439:             SEQUENCE {
   707 30  299:               SEQUENCE {
   711 06    7:                 OBJECT IDENTIFIER dsa (1 2 840 10040 4 1)
              :                   (ANSI X9.57 algorithm)
   720 30  286:                 SEQUENCE {
   724 02  129:                   INTEGER
              :                   00 B6 49 18 3E 8A 44 C1 29 71 94 4C
01 C4 12 C1
              :                   7A 79 CB 54 4D AB 1E 81 FB C6 4C B3
0E 94 09 06
              :                   EB 01 D4 B1 C8 71 4B C7 45 C0 50 25
5D 9C FC DA
              :                   E4 6D D3 E2 86 48 84 82 7D BA 15 95
4A 16 F6 46
              :                   ED DD F6 98 D2 BB 7E 8A 0A 8A BA 16
7B B9 50 01
              :                   48 93 8B EB 25 15 51 97 55 DC 8F 53
0E 10 A9 50
              :                   FC 70 B7 CD 30 54 FD DA DE A8 AA 22
B5 A1 AF 8B
              :                   CC 02 88 E7 8B 70 5F B9 AD E1 08 D4
6D 29 2D D6
              :                           [ Another 1 bytes skipped ]
   856 02   21:                   INTEGER
              :                   00 DD C1 2F DF 53 CE 0B 34 60 77 3E
02 A4 BF 8A
              :                   5D 98 B9 10 D5
   879 02  128:                   INTEGER
              :                   0C EE 57 9B 4B BD DA B6 07 6A 74 37
4F 55 7F 9D
              :                   ED BC 61 0D EB 46 59 3C 56 0B 2B 5B
0C 91 CE A5
              :                   62 52 69 CA E1 6D 3E BD BF FE E1 B7
B9 2B 61 3C
              :                   AD CB AE 45 E3 06 AC 8C 22 9D 9C 44
87 0B C7 CD
              :                   F0 1C D9 B5 4E 5D 73 DE AF 0E C9 1D
5A 51 F5 4F
              :                   44 79 35 5A 73 AA 7F 46 51 1F A9 42
16 9C 48 EB
              :                   8A 79 61 B4 D5 2F 53 22 44 63 1F 86
B8 A3 58 06
              :                   25 F8 29 C0 EF BA E0 75 F0 42 C4 63
65 52 9B 0A
              :                   }
              :                 }
1010 03  133:               BIT STRING 0 unused bits
              :                 02 81 81 00 99 87 74 27 03 66 A0 B1 C0 AD DC 2C
              :                 75 BB E1 6C 44 9C DA 21 6D 4D 47 6D B1 62 09 E9
              :                 D8 AE 1E F2 3A B4 94 B1 A3 8E 7A 9B 71 4E 00 94
              :                 C9 B4 25 4E B9 60 96 19 24 01 F3 62 0C FE 75 C0
              :                 FB CE D8 68 00 E3 FD D5 70 4F DF 23 96 19 06 94
              :                 F4 B1 61 8F 3A 57 B1 08 11 A4 0B 26 25 F0 52 76
              :                 81 EA 0B 62 0D 95 2A E6 86 BA 72 B2 A7 50 83 0B
              :                 AA 27 CD 1B A9 4D 89 9A D7 8D 18 39 84 3F 8B C5
              :                         [ Another 4 bytes skipped ]
              :               }
1146 A3   66:             [3] {
1148 30   64:               SEQUENCE {
1150 30   15:                 SEQUENCE {
1152 06    3:                   OBJECT IDENTIFIER basicConstraints (2 5 29 19)
              :                     (X.509 id-ce (2 5 29))
1157 01    1:                   BOOLEAN TRUE
1160 04    5:                   OCTET STRING
              :                   30 03 01 01 FF
              :                   }
1167 30   14:                 SEQUENCE {
1169 06    3:                   OBJECT IDENTIFIER keyUsage (2 5 29 15)
              :                     (X.509 id-ce (2 5 29))
1174 01    1:                   BOOLEAN TRUE
1177 04    4:                   OCTET STRING
              :                   03 02 01 86
              :                   }
1183 30   29:                 SEQUENCE {
1185 06    3:                   OBJECT IDENTIFIER
              :                     subjectKeyIdentifier (2 5 29 14)
              :                     (X.509 id-ce (2 5 29))
1190 04   22:                   OCTET STRING
              :                   04 14 70 44 3E 82 2E 6F 87 DE 4A D3
75 E3 3D 20
              :                   BC 43 2B 93 F1 1F
              :                   }
              :                 }
              :               }
              :             }
1214 30    9:           SEQUENCE {
1216 06    7:             OBJECT IDENTIFIER dsaWithSha1 (1 2 840 10040 4 3)
              :               (ANSI X9.57 algorithm)
              :             }
1225 03   48:           BIT STRING 0 unused bits
              :             30 2D 02 14 6B A9 F0 4E 7A 5A 79 E3 F9 BE 3D 2B
              :             C9 06 37 E9 11 17 A1 13 02 15 00 8F 34 69 2A 8B
              :             B1 3C 03 79 94 32 4D 12 1F CE 89 FB 46 B2 3B
              :           }
1275 30  734:         SEQUENCE {
1279 30  669:           SEQUENCE {
1283 A0    3:             [0] {
1285 02    1:               INTEGER 2
              :               }
1288 02    2:             INTEGER 200
1292 30    9:             SEQUENCE {
1294 06    7:               OBJECT IDENTIFIER dsaWithSha1 (1 2 840 10040 4 3)
              :                 (ANSI X9.57 algorithm)
              :               }
1303 30   18:             SEQUENCE {
1305 31   16:               SET {
1307 30   14:                 SEQUENCE {
1309 06    3:                   OBJECT IDENTIFIER commonName (2 5 4 3)
              :                     (X.520 id-at (2 5 4))
1314 13    7:                   PrintableString 'CarlDSS'
              :                   }
              :                 }
              :               }
1323 30   30:             SEQUENCE {
1325 17   13:               UTCTime '990817011049Z'
1340 17   13:               UTCTime '391231235959Z'
              :               }
1355 30   19:             SEQUENCE {
1357 31   17:               SET {
1359 30   15:                 SEQUENCE {
1361 06    3:                   OBJECT IDENTIFIER commonName (2 5 4 3)
              :                     (X.520 id-at (2 5 4))
1366 13    8:                   PrintableString 'AliceDSS'
              :                   }
              :                 }
              :               }
1376 30  438:             SEQUENCE {
1380 30  299:               SEQUENCE {
1384 06    7:                 OBJECT IDENTIFIER dsa (1 2 840 10040 4 1)
              :                   (ANSI X9.57 algorithm)
1393 30  286:                 SEQUENCE {
1397 02  129:                   INTEGER
              :                   00 81 8D CD ED 83 EA 0A 9E 39 3E C2
48 28 A3 E4
              :                   47 93 DD 0E D7 A8 0E EC 53 C5 AB 84
08 4F FF 94
              :                   E1 73 48 7E 0C D6 F3 44 48 D1 FE 9F
AF A4 A1 89
              :                   2F E1 D9 30 C8 36 DE 3F 9B BF B7 4C
DC 5F 69 8A
              :                   E4 75 D0 37 0C 91 08 95 9B DE A7 5E
F9 FC F4 9F
              :                   2F DD 43 A8 8B 54 F1 3F B0 07 08 47
4D 5D 88 C3
              :                   C3 B5 B3 E3 55 08 75 D5 39 76 10 C4
78 BD FF 9D
              :                   B0 84 97 37 F2 E4 51 1B B5 E4 09 96
5C F3 7E 5B
              :                           [ Another 1 bytes skipped ]
1529 02   21:                   INTEGER
              :                   00 E2 47 A6 1A 45 66 B8 13 C6 DA 8F
B8 37 21 2B
              :                   62 8B F7 93 CD
1552 02  128:                   INTEGER
              :                   26 38 D0 14 89 32 AA 39 FB 3E 6D D9
4B 59 6A 4C
              :                   76 23 39 04 02 35 5C F2 CB 1A 30 C3
1E 50 5D DD
              :                   9B 59 E2 CD AA 05 3D 58 C0 7B A2 36
B8 6E 07 AF
              :                   7D 8A 42 25 A7 F4 75 CF 4A 08 5E 4B
3E 90 F8 6D
              :                   EA 9C C9 21 8A 3B 76 14 E9 CE 2E 5D
A3 07 CD 23
              :                   85 B8 2F 30 01 7C 6D 49 89 11 89 36
44 BD F8 C8
              :                   95 4A 53 56 B5 E2 F9 73 EC 1A 61 36
1F 11 7F C2
              :                   BD ED D1 50 FF 98 74 C2 D1 81 4A 60
39 BA 36 39
              :                   }
              :                 }
1683 03  132:               BIT STRING 0 unused bits
              :                 02 81 80 5C E3 B9 5A 75 14 96 0B A9 7A DD E3 3F
              :                 A9 EC AC 5E DC BD B7 13 11 34 A6 16 89 28 11 23
              :                 D9 34 86 67 75 75 13 12 3D 43 5B 6F E5 51 BF FA
              :                 89 F2 A2 1B 3E 24 7D 3D 07 8D 5B 63 C8 BB 45 A5
              :                 A0 4A E3 85 D6 CE 06 80 3F E8 23 7E 1A F2 24 AB
              :                 53 1A B8 27 0D 1E EF 08 BF 66 14 80 5C 62 AC 65
              :                 FA 15 8B F1 BB 34 D4 D2 96 37 F6 61 47 B2 C4 32
              :                 84 F0 7E 41 40 FD 46 A7 63 4E 33 F2 A5 E2 F4 F2
              :                         [ Another 3 bytes skipped ]
              :               }
1818 A3  131:             [3] {
1821 30  128:               SEQUENCE {
1824 30   32:                 SEQUENCE {
1826 06    3:                   OBJECT IDENTIFIER subjectAltName (2 5 29 17)
              :                     (X.509 id-ce (2 5 29))
1831 04   25:                   OCTET STRING
              :                   30 17 81 15 61 6C 69 63 65 44 73 73
40 65 78 61
              :                   6D 70 6C 65 73 2E 63 6F 6D
              :                   }
1858 30   12:                 SEQUENCE {
1860 06    3:                   OBJECT IDENTIFIER basicConstraints (2 5 29 19)
              :                     (X.509 id-ce (2 5 29))
1865 01    1:                   BOOLEAN TRUE
1868 04    2:                   OCTET STRING
              :                   30 00
              :                   }
1872 30   14:                 SEQUENCE {
1874 06    3:                   OBJECT IDENTIFIER keyUsage (2 5 29 15)
              :                     (X.509 id-ce (2 5 29))
1879 01    1:                   BOOLEAN TRUE
1882 04    4:                   OCTET STRING
              :                   03 02 06 C0
              :                   }
1888 30   31:                 SEQUENCE {
1890 06    3:                   OBJECT IDENTIFIER
              :                     authorityKeyIdentifier (2 5 29 35)
              :                     (X.509 id-ce (2 5 29))
1895 04   24:                   OCTET STRING
              :                   30 16 80 14 70 44 3E 82 2E 6F 87 DE
4A D3 75 E3
              :                   3D 20 BC 43 2B 93 F1 1F
              :                   }
1921 30   29:                 SEQUENCE {
1923 06    3:                   OBJECT IDENTIFIER
              :                     subjectKeyIdentifier (2 5 29 14)
              :                     (X.509 id-ce (2 5 29))
1928 04   22:                   OCTET STRING
              :                   04 14 BE 6C A1 B3 E3 C1 F7 ED 43 70
A4 CE 13 01
              :                   E2 FD E3 97 FE CD
              :                   }
              :                 }
              :               }
              :             }
1952 30    9:           SEQUENCE {
1954 06    7:             OBJECT IDENTIFIER dsaWithSha1 (1 2 840 10040 4 3)
              :               (ANSI X9.57 algorithm)
              :             }
1963 03   48:           BIT STRING 0 unused bits
              :             30 2D 02 15 00 98 B0 C6 3F CF 71 47 5A 35 A9 4A
              :             8F C0 F8 24 05 E8 46 94 8E 02 14 5B 9F 48 C0 8C
              :             A1 C1 02 9C 44 EA E9 A1 87 C1 A5 7F 28 2D BB
              :           }
              :         }
2013 A1  219:       [1] {
2016 30  216:         SEQUENCE {
2019 30  153:           SEQUENCE {
2022 30    9:             SEQUENCE {
2024 06    7:               OBJECT IDENTIFIER dsaWithSha1 (1 2 840 10040 4 3)
              :                 (ANSI X9.57 algorithm)
              :               }
2033 30   18:             SEQUENCE {
2035 31   16:               SET {
2037 30   14:                 SEQUENCE {
2039 06    3:                   OBJECT IDENTIFIER commonName (2 5 4 3)
              :                     (X.520 id-at (2 5 4))
2044 13    7:                   PrintableString 'CarlDSS'
              :                   }
              :                 }
              :               }
2053 17   13:             UTCTime '990827070000Z'
2068 30  105:             SEQUENCE {
2070 30   19:               SEQUENCE {
2072 02    2:                 INTEGER 200
2076 17   13:                 UTCTime '990822070000Z'
              :                 }
2091 30   19:               SEQUENCE {
2093 02    2:                 INTEGER 201
2097 17   13:                 UTCTime '990822070000Z'
              :                 }
2112 30   19:               SEQUENCE {
2114 02    2:                 INTEGER 211
2118 17   13:                 UTCTime '990822070000Z'
              :                 }
2133 30   19:               SEQUENCE {
2135 02    2:                 INTEGER 210
2139 17   13:                 UTCTime '990822070000Z'
              :                 }
2154 30   19:               SEQUENCE {
2156 02    2:                 INTEGER 212
2160 17   13:                 UTCTime '990824070000Z'
              :                 }
              :               }
              :             }
2175 30    9:           SEQUENCE {
2177 06    7:             OBJECT IDENTIFIER dsaWithSha1 (1 2 840 10040 4 3)
              :               (ANSI X9.57 algorithm)
              :             }
2186 03   47:           BIT STRING 0 unused bits
              :             30 2C 02 14 7E 65 52 76 33 FE 34 73 17 D1 F7 96
              :             F9 A0 D4 D8 6D 5C 7D 3D 02 14 02 7A 5B B7 D5 5B
              :             18 C1 CF 87 EF 7E DA 24 F3 2A 83 9C 35 A1
              :           }
              :         }
2235 31  492:       SET {
2239 30  488:         SEQUENCE {
2243 02    1:           INTEGER 1
2246 30   24:           SEQUENCE {
2248 30   18:             SEQUENCE {
2250 31   16:               SET {
2252 30   14:                 SEQUENCE {
2254 06    3:                   OBJECT IDENTIFIER commonName (2 5 4 3)
              :                     (X.520 id-at (2 5 4))
2259 13    7:                   PrintableString 'CarlDSS'
              :                   }
              :                 }
              :               }
2268 02    2:             INTEGER 200
              :             }
2272 30    7:           SEQUENCE {
2274 06    5:             OBJECT IDENTIFIER sha1 (1 3 14 3 2 26)
              :               (OIW)
              :             }
2281 A0   95:           [0] {
2283 30   24:             SEQUENCE {
2285 06    9:               OBJECT IDENTIFIER
              :                 contentType (1 2 840 113549 1 9 3)
              :                 (PKCS #9 (1 2 840 113549 1 9))
2296 31   11:               SET {
2298 06    9:                 OBJECT IDENTIFIER data (1 2 840 113549 1 7 1)
              :                   (PKCS #7)
              :                 }
              :               }
2309 30   30:             SEQUENCE {
2311 06    9:               OBJECT IDENTIFIER
              :                 signingTime (1 2 840 113549 1 9 5)
              :                 (PKCS #9 (1 2 840 113549 1 9))
2322 31   17:               SET {
2324 18   15:                 GeneralizedTime '20000426190200Z'
              :                 }
              :               }
2341 30   35:             SEQUENCE {
2343 06    9:               OBJECT IDENTIFIER
              :                 messageDigest (1 2 840 113549 1 9 4)
              :                 (PKCS #9 (1 2 840 113549 1 9))
2354 31   22:               SET {
2356 04   20:                 OCTET STRING
              :                   40 6A EC 08 52 79 BA 6E 16 02 2D 9E
06 29 C0 22
              :                   96 87 DD 48
              :                 }
              :               }
              :             }
2378 30    9:           SEQUENCE {
2380 06    7:             OBJECT IDENTIFIER dsa (1 2 840 10040 4 1)
              :               (ANSI X9.57 algorithm)
              :             }
2389 04   46:           OCTET STRING
              :             30 2C 02 14 48 10 B9 43 4F 85 A8 F0 85 96 FB 42
              :             1C B9 65 CE 77 44 11 E1 02 14 69 23 F2 60 59 CE
              :             22 16 05 3F 25 64 68 3E 8D B2 FD 7D CC 28
2437 A1  290:           [1] {
2441 30  286:             SEQUENCE {
2445 06    9:               OBJECT IDENTIFIER
              :                 countersignature (1 2 840 113549 1 9 6)
              :                 (PKCS #9 (1 2 840 113549 1 9))
2456 31  271:               SET {
2460 30  267:                 SEQUENCE {
2464 02    1:                   INTEGER 1
2467 30   38:                   SEQUENCE {
2469 30   18:                     SEQUENCE {
2471 31   16:                       SET {
2473 30   14:                         SEQUENCE {
2475 06    3:                           OBJECT IDENTIFIER commonName (2 5 4 3)
              :                             (X.520 id-at (2 5 4))
2480 13    7:                           PrintableString 'CarlRSA'
              :                           }
              :                         }
              :                       }
2489 02   16:                     INTEGER
              :                   46 34 6B C7 80 00 56 BC 11 D3 6E 2E
C4 10 B3 B0
              :                     }
2507 30    7:                   SEQUENCE {
2509 06    5:                     OBJECT IDENTIFIER sha1 (1 3 14 3 2 26)
              :                       (OIW)
              :                     }
2516 A0   69:                   [0] {
2518 30   30:                     SEQUENCE {
2520 06    9:                       OBJECT IDENTIFIER
              :                         signingTime (1 2 840 113549 1 9 5)
              :                         (PKCS #9 (1 2 840 113549 1 9))
2531 31   17:                       SET {
2533 18   15:                         GeneralizedTime '20000426190200Z'
              :                         }
              :                       }
2550 30   35:                     SEQUENCE {
2552 06    9:                       OBJECT IDENTIFIER
              :                         messageDigest (1 2 840 113549 1 9 4)
              :                         (PKCS #9 (1 2 840 113549 1 9))
2563 31   22:                       SET {
2565 04   20:                         OCTET STRING
              :                   EC 0F EF 2F 2A 4F D4 78 F9 C6 7B 9D
C5 2C 4D 30
              :                   C8 60 FD 84
              :                         }
              :                       }
              :                     }
2587 30   11:                   SEQUENCE {
2589 06    9:                     OBJECT IDENTIFIER
              :                       rsaEncryption (1 2 840 113549 1 1 1)
              :                       (PKCS #1)
              :                     }
2600 04  128:                   OCTET STRING
              :                   30 1C 0B F4 39 57 43 52 0A 4C B0 69
0A 80 C0 B4
              :                   0B 95 9B 9C 24 7B 6F 60 CF 96 43 28
4D 42 AC D3
              :                   8C EE C2 AB F8 94 59 EB F8 9C B6 04
15 3D B5 79
              :                   08 97 C0 D5 F8 04 42 51 73 7D 29 03
D1 CC DC B8
              :                   BD C4 5B 93 0B 6E DE 9C EB 86 70 B4
38 A4 B5 45
              :                   50 F6 30 EB 4F 96 17 04 2F 97 71 59
64 92 A2 68
              :                   9A 89 1B DB 99 59 90 10 4F AA 62 31
3F D0 B4 77
              :                   1C 4E 29 E4 E3 CD 3E 6A EA 03 47 78
49 A9 2E 53
              :                   }
              :                 }
              :               }
              :             }
              :           }
              :         }
              :       }
              :     }
              :   }

5.5 All RSA signed message

Same as 5.2, but includes Carl's RSA root cert (but no CRL). A
SignedData with no attribute certificates, signed by Alice using RSA,
her certificate and Carl's root cert, no CRL. The message is ExContent,
and is included in the eContent. There are no signed or unsigned
attributes.

     0 30 NDEF: SEQUENCE {
     2 06    9:   OBJECT IDENTIFIER signedData (1 2 840 113549 1 7 2)
              :     (PKCS #7)
    13 A0 NDEF:   [0] {
    15 30 NDEF:     SEQUENCE {
    17 02    1:       INTEGER 1
    20 31   11:       SET {
    22 30    9:         SEQUENCE {
    24 06    5:           OBJECT IDENTIFIER sha1 (1 3 14 3 2 26)
              :             (OIW)
    31 05    0:           NULL
              :           }
              :         }
    33 30 NDEF:       SEQUENCE {
    35 06    9:         OBJECT IDENTIFIER data (1 2 840 113549 1 7 1)
              :           (PKCS #7)
    46 A0 NDEF:         [0] {
    48 24 NDEF:           OCTET STRING {
    50 04    4:             OCTET STRING
              :               54 68 69 73
    56 04   24:             OCTET STRING
              :               20 69 73 20 73 6F 6D 65 20 73 61 6D 70 6C 65 20
              :               63 6F 6E 74 65 6E 74 2E
              :             }
              :           }
              :         }
    88 A0 1021:       [0] {
    92 30  491:         SEQUENCE {
    96 30  340:           SEQUENCE {
   100 A0    3:             [0] {
   102 02    1:               INTEGER 2
              :               }
   105 02   16:             INTEGER
              :               46 34 6B C7 80 00 56 BC 11 D3 6E 2E 9F F2 50 20
   123 30   13:             SEQUENCE {
   125 06    9:               OBJECT IDENTIFIER
              :                 sha1withRSAEncryption (1 2 840 113549 1 1 5)
              :                 (PKCS #1)
   136 05    0:               NULL
              :               }
   138 30   18:             SEQUENCE {
   140 31   16:               SET {
   142 30   14:                 SEQUENCE {
   144 06    3:                   OBJECT IDENTIFIER commonName (2 5 4 3)
              :                     (X.520 id-at (2 5 4))
   149 13    7:                   PrintableString 'CarlRSA'
              :                   }
              :                 }
              :               }
   158 30   30:             SEQUENCE {
   160 17   13:               UTCTime '990818070000Z'
   175 17   13:               UTCTime '391231235959Z'
              :               }
   190 30   18:             SEQUENCE {
   192 31   16:               SET {
   194 30   14:                 SEQUENCE {
   196 06    3:                   OBJECT IDENTIFIER commonName (2 5 4 3)
              :                     (X.520 id-at (2 5 4))
   201 13    7:                   PrintableString 'CarlRSA'
              :                   }
              :                 }
              :               }
   210 30  159:             SEQUENCE {
   213 30   13:               SEQUENCE {
   215 06    9:                 OBJECT IDENTIFIER
              :                   rsaEncryption (1 2 840 113549 1 1 1)
              :                   (PKCS #1)
   226 05    0:                 NULL
              :                 }
   228 03  141:               BIT STRING 0 unused bits, encapsulates {
   232 30  137:                   SEQUENCE {
   235 02  129:                     INTEGER
              :                   00 E4 4B FF 18 B8 24 57 F4 77 FF 6E
73 7B 93 71
              :                   5C BC 33 1A 92 92 72 23 D8 41 46 D0
CD 11 3A 04
              :                   B3 8E AF 82 9D BD 51 1E 17 7A F2 76
2C 2B 86 39
              :                   A7 BD D7 8D 1A 53 EC E4 00 D5 E8 EC
A2 36 B1 ED
              :                   E2 50 E2 32 09 8A 3F 9F 99 25 8F B8
4E AB B9 7D
              :                   D5 96 65 DA 16 A0 C5 BE 0E AE 44 5B
EF 5E F4 A7
              :                   29 CB 82 DD AC 44 E9 AA 93 94 29 0E
F8 18 D6 C8
              :                   57 5E F2 76 C4 F2 11 60 38 B9 1B 3C
1D 97 C9 6A
              :                   F1
   367 02    3:                     INTEGER 65537
              :                     }
              :                   }
              :               }
   372 A3   66:             [3] {
   374 30   64:               SEQUENCE {
   376 30   15:                 SEQUENCE {
   378 06    3:                   OBJECT IDENTIFIER basicConstraints (2 5 29 19)
              :                     (X.509 id-ce (2 5 29))
   383 01    1:                   BOOLEAN TRUE
   386 04    5:                   OCTET STRING, encapsulates {
   388 30    3:                       SEQUENCE {
   390 01    1:                         BOOLEAN TRUE
              :                         }
              :                       }
              :                   }
   393 30   14:                 SEQUENCE {
   395 06    3:                   OBJECT IDENTIFIER keyUsage (2 5 29 15)
              :                     (X.509 id-ce (2 5 29))
   400 01    1:                   BOOLEAN TRUE
   403 04    4:                   OCTET STRING, encapsulates {
   405 03    2:                       BIT STRING 1 unused bits
              :                         '1100001'B
              :                       }
              :                   }
   409 30   29:                 SEQUENCE {
   411 06    3:                   OBJECT IDENTIFIER
              :                     subjectKeyIdentifier (2 5 29 14)
              :                     (X.509 id-ce (2 5 29))
   416 04   22:                   OCTET STRING
              :                   04 14 E9 E0 90 27 AC 78 20 7A 9A D3
4C F2 42 37
              :                   4E 22 AE 9E 38 BB
              :                   }
              :                 }
              :               }
              :             }
   440 30   13:           SEQUENCE {
   442 06    9:             OBJECT IDENTIFIER
              :               sha1withRSAEncryption (1 2 840 113549 1 1 5)
              :               (PKCS #1)
   453 05    0:             NULL
              :             }
   455 03  129:           BIT STRING 0 unused bits
              :             B7 9E D4 04 D3 ED 29 E4 FF 89 89 15 2E 4C DB 0C
              :             F0 48 0F 32 61 EE C4 04 EC 12 5D 2D FF 0F 64 59
              :             7E 0A C3 ED 18 FD E3 56 40 37 A7 07 B5 F0 38 12
              :             61 50 ED EF DD 3F E3 0B B8 61 A5 A4 9B 3C E6 9E
              :             9C 54 9A B6 95 D6 DA 6C 3B B5 2D 45 35 9D 49 01
              :             76 FA B9 B9 31 F9 F9 6B 12 53 A0 F5 14 60 9B 7D
              :             CA 3E F2 53 6B B0 37 6F AD E6 74 D7 DB FA 5A EA
              :             14 41 63 5D CD BE C8 0E C1 DA 6A 8D 53 34 18 02
              :           }
   587 30  522:         SEQUENCE {
   591 30  371:           SEQUENCE {
   595 A0    3:             [0] {
   597 02    1:               INTEGER 2
              :               }
   600 02   16:             INTEGER
              :               46 34 6B C7 80 00 56 BC 11 D3 6E 2E C4 10 B3 B0
   618 30   13:             SEQUENCE {
   620 06    9:               OBJECT IDENTIFIER
              :                 sha1withRSAEncryption (1 2 840 113549 1 1 5)
              :                 (PKCS #1)
   631 05    0:               NULL
              :               }
   633 30   18:             SEQUENCE {
   635 31   16:               SET {
   637 30   14:                 SEQUENCE {
   639 06    3:                   OBJECT IDENTIFIER commonName (2 5 4 3)
              :                     (X.520 id-at (2 5 4))
   644 13    7:                   PrintableString 'CarlRSA'
              :                   }
              :                 }
              :               }
   653 30   30:             SEQUENCE {
   655 17   13:               UTCTime '990819070000Z'
   670 17   13:               UTCTime '391231235959Z'
              :               }
   685 30   19:             SEQUENCE {
   687 31   17:               SET {
   689 30   15:                 SEQUENCE {
   691 06    3:                   OBJECT IDENTIFIER commonName (2 5 4 3)
              :                     (X.520 id-at (2 5 4))
   696 13    8:                   PrintableString 'AliceRSA'
              :                   }
              :                 }
              :               }
   706 30  159:             SEQUENCE {
   709 30   13:               SEQUENCE {
   711 06    9:                 OBJECT IDENTIFIER
              :                   rsaEncryption (1 2 840 113549 1 1 1)
              :                   (PKCS #1)
   722 05    0:                 NULL
              :                 }
   724 03  141:               BIT STRING 0 unused bits, encapsulates {
   728 30  137:                   SEQUENCE {
   731 02  129:                     INTEGER
              :                   00 E0 89 73 39 8D D8 F5 F5 E8 87 76
39 7F 4E B0
              :                   05 BB 53 83 DE 0F B7 AB DC 7D C7 75
29 0D 05 2E
              :                   6D 12 DF A6 86 26 D4 D2 6F AA 58 29
FC 97 EC FA
              :                   82 51 0F 30 80 BE B1 50 9E 46 44 F1
2C BB D8 32
              :                   CF C6 68 6F 07 D9 B0 60 AC BE EE 34
09 6A 13 F5
              :                   F7 05 05 93 DF 5E BA 35 56 D9 61 FF
19 7F C9 81
              :                   E6 F8 6C EA 87 40 70 EF AC 6D 2C 74
9F 2D FA 55
              :                   3A B9 99 77 02 A6 48 52 8C 4E F3 57
38 57 74 57
              :                   5F
   863 02    3:                     INTEGER 65537
              :                     }
              :                   }
              :               }
   868 A3   96:             [3] {
   870 30   94:               SEQUENCE {
   872 30   12:                 SEQUENCE {
   874 06    3:                   OBJECT IDENTIFIER basicConstraints (2 5 29 19)
              :                     (X.509 id-ce (2 5 29))
   879 01    1:                   BOOLEAN TRUE
   882 04    2:                   OCTET STRING, encapsulates {
   884 30    0:                       SEQUENCE {}
              :                       }
              :                   }
   886 30   14:                 SEQUENCE {
   888 06    3:                   OBJECT IDENTIFIER keyUsage (2 5 29 15)
              :                     (X.509 id-ce (2 5 29))
   893 01    1:                   BOOLEAN TRUE
   896 04    4:                   OCTET STRING, encapsulates {
   898 03    2:                       BIT STRING 6 unused bits
              :                         '11'B
              :                       }
              :                   }
   902 30   31:                 SEQUENCE {
   904 06    3:                   OBJECT IDENTIFIER
              :                     authorityKeyIdentifier (2 5 29 35)
              :                     (X.509 id-ce (2 5 29))
   909 04   24:                   OCTET STRING, encapsulates {
   911 30   22:                       SEQUENCE {
   913 80   20:                         [0]
              :                   E9 E0 90 27 AC 78 20 7A 9A D3 4C F2
42 37 4E 22
              :                   AE 9E 38 BB
              :                         }
              :                       }
              :                   }
   935 30   29:                 SEQUENCE {
   937 06    3:                   OBJECT IDENTIFIER
              :                     subjectKeyIdentifier (2 5 29 14)
              :                     (X.509 id-ce (2 5 29))
   942 04   22:                   OCTET STRING
              :                   04 14 77 D2 B4 D1 B7 4C 8A 8A A3 CE
45 9D CE EC
              :                   3C A0 3A E3 FF 50
              :                   }
              :                 }
              :               }
              :             }
   966 30   13:           SEQUENCE {
   968 06    9:             OBJECT IDENTIFIER
              :               sha1withRSAEncryption (1 2 840 113549 1 1 5)
              :               (PKCS #1)
   979 05    0:             NULL
              :             }
   981 03  129:           BIT STRING 0 unused bits
              :             52 FF B3 8B 54 1E 08 BF F3 6D 0C 12 08 7D 8E CB
              :             6E 59 EC 56 93 A6 4A 22 40 5F 8B 14 79 7E 83 4F
              :             F5 3F DE 21 97 16 58 70 76 32 B2 20 51 A3 1A 1F
              :             97 48 80 5C 83 B0 B8 93 0B 03 44 AE BF BE A4 8C
              :             06 C6 45 E2 81 08 D5 89 58 0C 28 1B 2D A5 8B 1C
              :             4A E3 D7 44 34 D4 CB 53 FC BA A9 8B AA B6 E9 B0
              :             C3 AB 74 F1 2A F1 B0 C6 38 EA 87 02 1E 10 BB 99
              :             C4 BE 36 C0 08 BA 13 65 37 3E 36 F3 31 42 73 18
              :           }
              :         }
1113 31  203:       SET {
1116 30  200:         SEQUENCE {
1119 02    1:           INTEGER 1
1122 30   38:           SEQUENCE {
1124 30   18:             SEQUENCE {
1126 31   16:               SET {
1128 30   14:                 SEQUENCE {
1130 06    3:                   OBJECT IDENTIFIER commonName (2 5 4 3)
              :                     (X.520 id-at (2 5 4))
1135 13    7:                   PrintableString 'CarlRSA'
              :                   }
              :                 }
              :               }
1144 02   16:             INTEGER
              :               46 34 6B C7 80 00 56 BC 11 D3 6E 2E C4 10 B3 B0
              :             }
1162 30    9:           SEQUENCE {
1164 06    5:             OBJECT IDENTIFIER sha1 (1 3 14 3 2 26)
              :               (OIW)
1171 05    0:             NULL
              :             }
1173 30   13:           SEQUENCE {
1175 06    9:             OBJECT IDENTIFIER
              :               rsaEncryption (1 2 840 113549 1 1 1)
              :               (PKCS #1)
1186 05    0:             NULL
              :             }
1188 04  128:           OCTET STRING
              :             2F 23 82 D2 F3 09 5F B8 0C 58 EB 4E 9D BF 89 9A
              :             81 E5 75 C4 91 3D D3 D0 D5 7B B6 D5 FE 94 A1 8A
              :             AC E3 C4 84 F5 CD 60 4E 27 95 F6 CF 00 86 76 75
              :             3F 2B F0 E7 D4 02 67 A7 F5 C7 8D 16 04 A5 B3 B5
              :             E7 D9 32 F0 24 EF E7 20 44 D5 9F 07 C5 53 24 FA
              :             CE 01 1D 0F 17 13 A7 2A 95 9D 2B E4 03 95 14 0B
              :             E9 39 0D BA CE 6E 9C 9E 0C E8 98 E6 55 13 D4 68
              :             6F D0 07 D7 A2 B1 62 4C E3 8F AF FD E0 D5 5D C7
              :           }
              :         }
              :       }
              :     }
              :   }

5.6 Multiple signers

Similar to 5.1, but the message is also signed by Diane. Two
signerInfos (one for Alice, one for Diane) with no attribute
certificates, each signed using DSS, Alice's and Diane's certificate
(not Carl's root cert), no CRL. The message is ExContent, and is
included in the eContent. There are no signed or unsigned attributes.

     0 30 1477: SEQUENCE {
     4 06    9:   OBJECT IDENTIFIER signedData (1 2 840 113549 1 7 2)
              :     (PKCS #7)
    15 A0 1462:   [0] {
    19 30 1458:     SEQUENCE {
    23 02    1:       INTEGER 1
    26 31   11:       SET {
    28 30    9:         SEQUENCE {
    30 06    5:           OBJECT IDENTIFIER sha1 (1 3 14 3 2 26)
              :             (OIW)
    37 05    0:           NULL
              :           }
              :         }
    39 30   43:       SEQUENCE {
    41 06    9:         OBJECT IDENTIFIER data (1 2 840 113549 1 7 1)
              :           (PKCS #7)
    52 A0   30:         [0] {
    54 04   28:           OCTET STRING
              :             54 68 69 73 20 69 73 20 73 6F 6D 65 20 73 61 6D
              :             70 6C 65 20 63 6F 6E 74 65 6E 74 2E
              :           }
              :         }
    84 A0 1184:       [0] {
    88 30  442:         SEQUENCE {
    92 30  377:           SEQUENCE {
    96 A0    3:             [0] {
    98 02    1:               INTEGER 2
              :               }
   101 02    2:             INTEGER 210
   105 30    9:             SEQUENCE {
   107 06    7:               OBJECT IDENTIFIER dsaWithSha1 (1 2 840 10040 4 3)
              :                 (ANSI X9.57 algorithm)
              :               }
   116 30   18:             SEQUENCE {
   118 31   16:               SET {
   120 30   14:                 SEQUENCE {
   122 06    3:                   OBJECT IDENTIFIER commonName (2 5 4 3)
              :                     (X.520 id-at (2 5 4))
   127 13    7:                   PrintableString 'CarlDSS'
              :                   }
              :                 }
              :               }
   136 30   30:             SEQUENCE {
   138 17   13:               UTCTime '990817020810Z'
   153 17   13:               UTCTime '391231235959Z'
              :               }
   168 30   19:             SEQUENCE {
   170 31   17:               SET {
   172 30   15:                 SEQUENCE {
   174 06    3:                   OBJECT IDENTIFIER commonName (2 5 4 3)
              :                     (X.520 id-at (2 5 4))
   179 13    8:                   PrintableString 'DianeDSS'
              :                   }
              :                 }
              :               }
   189 30  147:             SEQUENCE {
   192 30    9:               SEQUENCE {
   194 06    7:                 OBJECT IDENTIFIER dsa (1 2 840 10040 4 1)
              :                   (ANSI X9.57 algorithm)
              :                 }
   203 03  133:               BIT STRING 0 unused bits, encapsulates {
   207 02  129:                   INTEGER
              :                   00 A0 00 17 78 2C EE 7E 81 53 2E 2E
61 08 0F A1
              :                   9B 51 52 1A DA 59 A8 73 2F 12 25 B6
08 CB CA EF
              :                   2A 44 76 8A 52 09 EA BD 05 22 D5 0F
F6 FD 46 D7
              :                   AF 99 38 09 0E 13 CB 4F 2C DD 1C 34
F7 1C BF 25
              :                   FF 23 D3 3B 59 E7 82 97 37 BE 31 24
D8 18 C8 F3
              :                   49 39 5B B7 E2 E5 27 7E FC 8C 45 72
5B 7E 3E 8F
              :                   68 4D DD 46 7A 22 BE 8E FF CC DA 39
29 A3 39 E5
              :                   9F 43 E9 55 C9 D7 5B A6 81 67 CC C0
AA CD 2E C5
              :                   23
              :                   }
              :               }
   339 A3  131:             [3] {
   342 30  128:               SEQUENCE {
   345 30   32:                 SEQUENCE {
   347 06    3:                   OBJECT IDENTIFIER subjectAltName (2 5 29 17)
              :                     (X.509 id-ce (2 5 29))
   352 04   25:                   OCTET STRING, encapsulates {
   354 30   23:                       SEQUENCE {
   356 81   21:                         [1] 'dianeDss@examples.com'
              :                         }
              :                       }
              :                   }
   379 30   12:                 SEQUENCE {
   381 06    3:                   OBJECT IDENTIFIER basicConstraints (2 5 29 19)
              :                     (X.509 id-ce (2 5 29))
   386 01    1:                   BOOLEAN TRUE
   389 04    2:                   OCTET STRING, encapsulates {
   391 30    0:                       SEQUENCE {}
              :                       }
              :                   }
   393 30   14:                 SEQUENCE {
   395 06    3:                   OBJECT IDENTIFIER keyUsage (2 5 29 15)
              :                     (X.509 id-ce (2 5 29))
   400 01    1:                   BOOLEAN TRUE
   403 04    4:                   OCTET STRING, encapsulates {
   405 03    2:                       BIT STRING 6 unused bits
              :                         '11'B
              :                       }
              :                   }
   409 30   31:                 SEQUENCE {
   411 06    3:                   OBJECT IDENTIFIER
              :                     authorityKeyIdentifier (2 5 29 35)
              :                     (X.509 id-ce (2 5 29))
   416 04   24:                   OCTET STRING, encapsulates {
   418 30   22:                       SEQUENCE {
   420 80   20:                         [0]
              :                   70 44 3E 82 2E 6F 87 DE 4A D3 75 E3
3D 20 BC 43
              :                   2B 93 F1 1F
              :                         }
              :                       }
              :                   }
   442 30   29:                 SEQUENCE {
   444 06    3:                   OBJECT IDENTIFIER
              :                     subjectKeyIdentifier (2 5 29 14)
              :                     (X.509 id-ce (2 5 29))
   449 04   22:                   OCTET STRING
              :                   04 14 64 30 99 7D 5C DC 45 0B 99 3A
52 2F 16 BF
              :                   58 50 DD CE 2B 18
              :                   }
              :                 }
              :               }
              :             }
   473 30    9:           SEQUENCE {
   475 06    7:             OBJECT IDENTIFIER dsaWithSha1 (1 2 840 10040 4 3)
              :               (ANSI X9.57 algorithm)
              :             }
   484 03   48:           BIT STRING 0 unused bits, encapsulates {
   487 30   45:               SEQUENCE {
   489 02   20:                 INTEGER
              :                   7E 0C 0C 81 17 B4 9A 54 B2 C3 30 EB
8A C4 3C C2
              :                   52 36 9E 95
   511 02   21:                 INTEGER
              :                   00 C6 9F 17 C2 71 4B AC 2E 39 8D 3D
10 1F 9A B3
              :                   4D B6 F9 11 A3
              :                 }
              :               }
              :           }
   534 30  734:         SEQUENCE {
   538 30  669:           SEQUENCE {
   542 A0    3:             [0] {
   544 02    1:               INTEGER 2
              :               }
   547 02    2:             INTEGER 200
   551 30    9:             SEQUENCE {
   553 06    7:               OBJECT IDENTIFIER dsaWithSha1 (1 2 840 10040 4 3)
              :                 (ANSI X9.57 algorithm)
              :               }
   562 30   18:             SEQUENCE {
   564 31   16:               SET {
   566 30   14:                 SEQUENCE {
   568 06    3:                   OBJECT IDENTIFIER commonName (2 5 4 3)
              :                     (X.520 id-at (2 5 4))
   573 13    7:                   PrintableString 'CarlDSS'
              :                   }
              :                 }
              :               }
   582 30   30:             SEQUENCE {
   584 17   13:               UTCTime '990817011049Z'
   599 17   13:               UTCTime '391231235959Z'
              :               }
   614 30   19:             SEQUENCE {
   616 31   17:               SET {
   618 30   15:                 SEQUENCE {
   620 06    3:                   OBJECT IDENTIFIER commonName (2 5 4 3)
              :                     (X.520 id-at (2 5 4))
   625 13    8:                   PrintableString 'AliceDSS'
              :                   }
              :                 }
              :               }
   635 30  438:             SEQUENCE {
   639 30  299:               SEQUENCE {
   643 06    7:                 OBJECT IDENTIFIER dsa (1 2 840 10040 4 1)
              :                   (ANSI X9.57 algorithm)
   652 30  286:                 SEQUENCE {
   656 02  129:                   INTEGER
              :                   00 81 8D CD ED 83 EA 0A 9E 39 3E C2
48 28 A3 E4
              :                   47 93 DD 0E D7 A8 0E EC 53 C5 AB 84
08 4F FF 94
              :                   E1 73 48 7E 0C D6 F3 44 48 D1 FE 9F
AF A4 A1 89
              :                   2F E1 D9 30 C8 36 DE 3F 9B BF B7 4C
DC 5F 69 8A
              :                   E4 75 D0 37 0C 91 08 95 9B DE A7 5E
F9 FC F4 9F
              :                   2F DD 43 A8 8B 54 F1 3F B0 07 08 47
4D 5D 88 C3
              :                   C3 B5 B3 E3 55 08 75 D5 39 76 10 C4
78 BD FF 9D
              :                   B0 84 97 37 F2 E4 51 1B B5 E4 09 96
5C F3 7E 5B
              :                   DB
   788 02   21:                   INTEGER
              :                   00 E2 47 A6 1A 45 66 B8 13 C6 DA 8F
B8 37 21 2B
              :                   62 8B F7 93 CD
   811 02  128:                   INTEGER
              :                   26 38 D0 14 89 32 AA 39 FB 3E 6D D9
4B 59 6A 4C
              :                   76 23 39 04 02 35 5C F2 CB 1A 30 C3
1E 50 5D DD
              :                   9B 59 E2 CD AA 05 3D 58 C0 7B A2 36
B8 6E 07 AF
              :                   7D 8A 42 25 A7 F4 75 CF 4A 08 5E 4B
3E 90 F8 6D
              :                   EA 9C C9 21 8A 3B 76 14 E9 CE 2E 5D
A3 07 CD 23
              :                   85 B8 2F 30 01 7C 6D 49 89 11 89 36
44 BD F8 C8
              :                   95 4A 53 56 B5 E2 F9 73 EC 1A 61 36
1F 11 7F C2
              :                   BD ED D1 50 FF 98 74 C2 D1 81 4A 60
39 BA 36 39
              :                   }
              :                 }
   942 03  132:               BIT STRING 0 unused bits, encapsulates {
   946 02  128:                   INTEGER
              :                   5C E3 B9 5A 75 14 96 0B A9 7A DD E3
3F A9 EC AC
              :                   5E DC BD B7 13 11 34 A6 16 89 28 11
23 D9 34 86
              :                   67 75 75 13 12 3D 43 5B 6F E5 51 BF
FA 89 F2 A2
              :                   1B 3E 24 7D 3D 07 8D 5B 63 C8 BB 45
A5 A0 4A E3
              :                   85 D6 CE 06 80 3F E8 23 7E 1A F2 24
AB 53 1A B8
              :                   27 0D 1E EF 08 BF 66 14 80 5C 62 AC
65 FA 15 8B
              :                   F1 BB 34 D4 D2 96 37 F6 61 47 B2 C4
32 84 F0 7E
              :                   41 40 FD 46 A7 63 4E 33 F2 A5 E2 F4
F2 83 E5 B8
              :                   }
              :               }
1077 A3  131:             [3] {
1080 30  128:               SEQUENCE {
1083 30   32:                 SEQUENCE {
1085 06    3:                   OBJECT IDENTIFIER subjectAltName (2 5 29 17)
              :                     (X.509 id-ce (2 5 29))
1090 04   25:                   OCTET STRING, encapsulates {
1092 30   23:                       SEQUENCE {
1094 81   21:                         [1] 'aliceDss@examples.com'
              :                         }
              :                       }
              :                   }
1117 30   12:                 SEQUENCE {
1119 06    3:                   OBJECT IDENTIFIER basicConstraints (2 5 29 19)
              :                     (X.509 id-ce (2 5 29))
1124 01    1:                   BOOLEAN TRUE
1127 04    2:                   OCTET STRING, encapsulates {
1129 30    0:                       SEQUENCE {}
              :                       }
              :                   }
1131 30   14:                 SEQUENCE {
1133 06    3:                   OBJECT IDENTIFIER keyUsage (2 5 29 15)
              :                     (X.509 id-ce (2 5 29))
1138 01    1:                   BOOLEAN TRUE
1141 04    4:                   OCTET STRING, encapsulates {
1143 03    2:                       BIT STRING 6 unused bits
              :                         '11'B
              :                       }
              :                   }
1147 30   31:                 SEQUENCE {
1149 06    3:                   OBJECT IDENTIFIER
              :                     authorityKeyIdentifier (2 5 29 35)
              :                     (X.509 id-ce (2 5 29))
1154 04   24:                   OCTET STRING, encapsulates {
1156 30   22:                       SEQUENCE {
1158 80   20:                         [0]
              :                   70 44 3E 82 2E 6F 87 DE 4A D3 75 E3
3D 20 BC 43
              :                   2B 93 F1 1F
              :                         }
              :                       }
              :                   }
1180 30   29:                 SEQUENCE {
1182 06    3:                   OBJECT IDENTIFIER
              :                     subjectKeyIdentifier (2 5 29 14)
              :                     (X.509 id-ce (2 5 29))
1187 04   22:                   OCTET STRING
              :                   04 14 BE 6C A1 B3 E3 C1 F7 ED 43 70
A4 CE 13 01
              :                   E2 FD E3 97 FE CD
              :                   }
              :                 }
              :               }
              :             }
1211 30    9:           SEQUENCE {
1213 06    7:             OBJECT IDENTIFIER dsaWithSha1 (1 2 840 10040 4 3)
              :               (ANSI X9.57 algorithm)
              :             }
1222 03   48:           BIT STRING 0 unused bits, encapsulates {
1225 30   45:               SEQUENCE {
1227 02   21:                 INTEGER
              :                   00 98 B0 C6 3F CF 71 47 5A 35 A9 4A
8F C0 F8 24
              :                   05 E8 46 94 8E
1250 02   20:                 INTEGER
              :                   5B 9F 48 C0 8C A1 C1 02 9C 44 EA E9
A1 87 C1 A5
              :                   7F 28 2D BB
              :                 }
              :               }
              :           }
              :         }
1272 31  206:       SET {
1275 30  101:         SEQUENCE {
1277 02    1:           INTEGER 1
1280 30   24:           SEQUENCE {
1282 30   18:             SEQUENCE {
1284 31   16:               SET {
1286 30   14:                 SEQUENCE {
1288 06    3:                   OBJECT IDENTIFIER commonName (2 5 4 3)
              :                     (X.520 id-at (2 5 4))
1293 13    7:                   PrintableString 'CarlDSS'
              :                   }
              :                 }
              :               }
1302 02    2:             INTEGER 200
              :             }
1306 30    9:           SEQUENCE {
1308 06    5:             OBJECT IDENTIFIER sha1 (1 3 14 3 2 26)
              :               (OIW)
1315 05    0:             NULL
              :             }
1317 30    9:           SEQUENCE {
1319 06    7:             OBJECT IDENTIFIER dsaWithSha1 (1 2 840 10040 4 3)
              :               (ANSI X9.57 algorithm)
              :             }
1328 04   48:           OCTET STRING
              :             30 2D 02 15 00 CB 2D 81 7B 0D 3F 4D 8A 0D B6 0A
              :             3C 86 48 B2 22 5B 4F B4 1C 02 14 75 00 20 67 96
              :             9D C5 DD B7 5E 47 94 B2 01 A5 52 15 0C 26 A2 00
              :           }
1378 30  101:         SEQUENCE {
1380 02    1:           INTEGER 1
1383 30   24:           SEQUENCE {
1385 30   18:             SEQUENCE {
1387 31   16:               SET {
1389 30   14:                 SEQUENCE {
1391 06    3:                   OBJECT IDENTIFIER commonName (2 5 4 3)
              :                     (X.520 id-at (2 5 4))
1396 13    7:                   PrintableString 'CarlDSS'
              :                   }
              :                 }
              :               }
1405 02    2:             INTEGER 210
              :             }
1409 30    9:           SEQUENCE {
1411 06    5:             OBJECT IDENTIFIER sha1 (1 3 14 3 2 26)
              :               (OIW)
1418 05    0:             NULL
              :             }
1420 30    9:           SEQUENCE {
1422 06    7:             OBJECT IDENTIFIER dsaWithSha1 (1 2 840 10040 4 3)
              :               (ANSI X9.57 algorithm)
              :             }
1431 04   48:           OCTET STRING
              :             30 2D 02 14 1F 4B 9C 80 62 FF 19 77 6E 9A FC 66
              :             45 C8 FD 6D 49 7A BA 84 02 15 00 84 D2 E4 E6 8C
              :             BC C4 12 72 74 4F D9 50 A4 A8 66 FB 2A E9 CF 00
              :           }
              :         }
              :       }
              :     }
              :   }

5.7 Signing using SKI

Same as 5.1, but the signature uses the SKI instead of the
issuer/serial number in the cert. A SignedData with no attribute
certificates, signed by Alice using DSS, just her certificate (not
Carl's root cert), identified by the SKI, no CRL. The message is
ExContent, and is included in the eContent. There are no signed or
unsigned attributes.

     0 30  711: SEQUENCE {
     4 06    9:   OBJECT IDENTIFIER signedData (1 2 840 113549 1 7 2)
              :     (PKCS #7)
    15 A0  696:   [0] {
    19 30  692:     SEQUENCE {
    23 02    1:       INTEGER 3
    26 31   11:       SET {
    28 30    9:         SEQUENCE {
    30 06    5:           OBJECT IDENTIFIER sha1 (1 3 14 3 2 26)
              :             (OIW)
    37 05    0:           NULL
              :           }
              :         }
    39 30   43:       SEQUENCE {
    41 06    9:         OBJECT IDENTIFIER data (1 2 840 113549 1 7 1)
              :           (PKCS #7)
    52 A0   30:         [0] {
    54 04   28:           OCTET STRING
              :             54 68 69 73 20 69 73 20 73 6F 6D 65 20 73 61 6D
              :             70 6C 65 20 63 6F 6E 74 65 6E 74 2E
              :           }
              :         }
    84 A0  526:       [0] {
    88 30  522:         SEQUENCE {
    92 30  371:           SEQUENCE {
    96 A0    3:             [0] {
    98 02    1:               INTEGER 2
              :               }
   101 02   16:             INTEGER
              :               46 34 6B C7 80 00 56 BC 11 D3 6E 2E C4 10 B3 B0
   119 30   13:             SEQUENCE {
   121 06    9:               OBJECT IDENTIFIER
              :                 sha1withRSAEncryption (1 2 840 113549 1 1 5)
              :                 (PKCS #1)
   132 05    0:               NULL
              :               }
   134 30   18:             SEQUENCE {
   136 31   16:               SET {
   138 30   14:                 SEQUENCE {
   140 06    3:                   OBJECT IDENTIFIER commonName (2 5 4 3)
              :                     (X.520 id-at (2 5 4))
   145 13    7:                   PrintableString 'CarlRSA'
              :                   }
              :                 }
              :               }
   154 30   30:             SEQUENCE {
   156 17   13:               UTCTime '990819070000Z'
   171 17   13:               UTCTime '391231235959Z'
              :               }
   186 30   19:             SEQUENCE {
   188 31   17:               SET {
   190 30   15:                 SEQUENCE {
   192 06    3:                   OBJECT IDENTIFIER commonName (2 5 4 3)
              :                     (X.520 id-at (2 5 4))
   197 13    8:                   PrintableString 'AliceRSA'
              :                   }
              :                 }
              :               }
   207 30  159:             SEQUENCE {
   210 30   13:               SEQUENCE {
   212 06    9:                 OBJECT IDENTIFIER
              :                   rsaEncryption (1 2 840 113549 1 1 1)
              :                   (PKCS #1)
   223 05    0:                 NULL
              :                 }
   225 03  141:               BIT STRING 0 unused bits, encapsulates {
   229 30  137:                   SEQUENCE {
   232 02  129:                     INTEGER
              :                   00 E0 89 73 39 8D D8 F5 F5 E8 87 76
39 7F 4E B0
              :                   05 BB 53 83 DE 0F B7 AB DC 7D C7 75
29 0D 05 2E
              :                   6D 12 DF A6 86 26 D4 D2 6F AA 58 29
FC 97 EC FA
              :                   82 51 0F 30 80 BE B1 50 9E 46 44 F1
2C BB D8 32
              :                   CF C6 68 6F 07 D9 B0 60 AC BE EE 34
09 6A 13 F5
              :                   F7 05 05 93 DF 5E BA 35 56 D9 61 FF
19 7F C9 81
              :                   E6 F8 6C EA 87 40 70 EF AC 6D 2C 74
9F 2D FA 55
              :                   3A B9 99 77 02 A6 48 52 8C 4E F3 57
38 57 74 57
              :                   5F
   364 02    3:                     INTEGER 65537
              :                     }
              :                   }
              :               }
   369 A3   96:             [3] {
   371 30   94:               SEQUENCE {
   373 30   12:                 SEQUENCE {
   375 06    3:                   OBJECT IDENTIFIER basicConstraints (2 5 29 19)
              :                     (X.509 id-ce (2 5 29))
   380 01    1:                   BOOLEAN TRUE
   383 04    2:                   OCTET STRING, encapsulates {
   385 30    0:                       SEQUENCE {}
              :                       }
              :                   }
   387 30   14:                 SEQUENCE {
   389 06    3:                   OBJECT IDENTIFIER keyUsage (2 5 29 15)
              :                     (X.509 id-ce (2 5 29))
   394 01    1:                   BOOLEAN TRUE
   397 04    4:                   OCTET STRING, encapsulates {
   399 03    2:                       BIT STRING 6 unused bits
              :                         '11'B
              :                       }
              :                   }
   403 30   31:                 SEQUENCE {
   405 06    3:                   OBJECT IDENTIFIER
              :                     authorityKeyIdentifier (2 5 29 35)
              :                     (X.509 id-ce (2 5 29))
   410 04   24:                   OCTET STRING, encapsulates {
   412 30   22:                       SEQUENCE {
   414 80   20:                         [0]
              :                   E9 E0 90 27 AC 78 20 7A 9A D3 4C F2
42 37 4E 22
              :                   AE 9E 38 BB
              :                         }
              :                       }
              :                   }
   436 30   29:                 SEQUENCE {
   438 06    3:                   OBJECT IDENTIFIER
              :                     subjectKeyIdentifier (2 5 29 14)
              :                     (X.509 id-ce (2 5 29))
   443 04   22:                   OCTET STRING
              :                   04 14 77 D2 B4 D1 B7 4C 8A 8A A3 CE
45 9D CE EC
              :                   3C A0 3A E3 FF 50
              :                   }
              :                 }
              :               }
              :             }
   467 30   13:           SEQUENCE {
   469 06    9:             OBJECT IDENTIFIER
              :               sha1withRSAEncryption (1 2 840 113549 1 1 5)
              :               (PKCS #1)
   480 05    0:             NULL
              :             }
   482 03  129:           BIT STRING 0 unused bits
              :             52 FF B3 8B 54 1E 08 BF F3 6D 0C 12 08 7D 8E CB
              :             6E 59 EC 56 93 A6 4A 22 40 5F 8B 14 79 7E 83 4F
              :             F5 3F DE 21 97 16 58 70 76 32 B2 20 51 A3 1A 1F
              :             97 48 80 5C 83 B0 B8 93 0B 03 44 AE BF BE A4 8C
              :             06 C6 45 E2 81 08 D5 89 58 0C 28 1B 2D A5 8B 1C
              :             4A E3 D7 44 34 D4 CB 53 FC BA A9 8B AA B6 E9 B0
              :             C3 AB 74 F1 2A F1 B0 C6 38 EA 87 02 1E 10 BB 99
              :             C4 BE 36 C0 08 BA 13 65 37 3E 36 F3 31 42 73 18
              :           }
              :         }
   614 31   99:       SET {
   616 30   97:         SEQUENCE {
   618 02    1:           INTEGER 3
   621 80   20:           [0]
              :             BE 6C A1 B3 E3 C1 F7 ED 43 70 A4 CE 13 01 E2 FD
              :             E3 97 FE CD
   643 30    9:           SEQUENCE {
   645 06    5:             OBJECT IDENTIFIER sha1 (1 3 14 3 2 26)
              :               (OIW)
   652 05    0:             NULL
              :             }
   654 30    9:           SEQUENCE {
   656 06    7:             OBJECT IDENTIFIER dsaWithSha1 (1 2 840 10040 4 3)
              :               (ANSI X9.57 algorithm)
              :             }
   665 04   48:           OCTET STRING, encapsulates {
   667 30   45:               SEQUENCE {
   669 02   21:                 INTEGER
              :                   00 B8 38 97 28 5A E2 E3 FE 4E 6E 24
00 A6 37 F2
              :                   0D 8C 1F 1C EE
   692 02   20:                 INTEGER
              :                   66 B5 EE 3B D8 2B 46 0B E0 64 D0 F5
B9 AD 5C EC
              :                   0F ED 7B 12
              :                 }
              :               }
              :             }
              :           }
              :         }
              :       }
              :     }
              :   }

5.8 S/MIME multipart/signed message

A full S/MIME message, including MIME, that includes the body part from
5.3 and the body containing the content of the message.

MIME-Version: 1.0
Content-Type: multipart/signed;
        protocol="application/pkcs7-signature";
        micalg=SHA1;
        boundary="----=_NextPart_000_0000_01BEF8B8.4F7D5F80"

------=_NextPart_000_0000_01BEF8B8.4F7D5F80

This is some sample content.
------=_NextPart_000_0000_01BEF8B8.4F7D5F80
Content-Type: application/pkcs7-signature;
        name="smime.p7s"
Content-Transfer-Encoding: base64
Content-Disposition: attachment;
        filename="smime.p7s"

MIGXBgkqhkiG9w0BBwKggYkwgYYCAQExCzAJBgUrDgMCGgUAMAsGCSqGSIb3DQEHAT
FnMGUCAQEwGDASMRAwDgYDVQQDEwdDYXJsRFNTAgIAyDAJBgUrDgMCGgUAMAkGByqG
SM44BAEEMDAtAhReXmtpBKJiXYtFslX5dRwSToiIIQIVAKPBSCPgCDVvJSJ6HrYUvO
R1kdslAA==

------=_NextPart_000_0000_01BEF8B8.4F7D5F80--

5.9 S/MIME application/pkcs7-mime signed message

A full S/MIME message, including MIME, that includes the body part from
5.1.

Subject: Example 5.9
MIME-Version: 1.0
Content-Type: application/pkcs7-mime; name="smime.p7m";
                smime-type=signed-data
Content-Transfer-Encoding: base64
Content-Disposition: attachment; filename="smime.p7m"

MIG3BgkqhkiG9w0BBwKggakwgaYCAQExCzAJBgUrDgMCGgUAMCsGCSqGSIb3DQEHAa
AeBBxUaGlzIGlzIHNvbWUgc2FtcGxlIGNvbnRlbnQuMWcwZQIBATAYMBIxEDAOBgNV
BAMTB0NhcmxEU1MCAgDIMAkGBSsOAwIaBQAwCQYHKoZIzjgEAQQwMC0CFHCbJ32Z59
IMxsUhC0viIbe9jUgpAhUAiywMBstKtQZLqEwOeNE7kOnRn6QA

5.10 SignedData With Attributes

A SignedData message with the following list of signedAttributes:
- contentIdentifier
- contentReference
- contentHints
- smimeCapabilities
- sMIMEEncryptionKeyPreference
- unknown OID.

     0 30 1303: SEQUENCE {
     4 06    9:   OBJECT IDENTIFIER signedData (1 2 840 113549 1 7 2)
              :     (PKCS #7)
    15 A0 1288:   [0] {
    19 30 1284:     SEQUENCE {
    23 02    1:       INTEGER 1
    26 31    9:       SET {
    28 30    7:         SEQUENCE {
    30 06    5:           OBJECT IDENTIFIER sha1 (1 3 14 3 2 26)
              :             (OIW)
              :           }
              :         }
    37 30   43:       SEQUENCE {
    39 06    9:         OBJECT IDENTIFIER data (1 2 840 113549 1 7 1)
              :           (PKCS #7)
    50 A0   30:         [0] {
    52 04   28:           OCTET STRING
              :             54 68 69 73 20 69 73 20 73 6F 6D 65 20 73 61 6D
              :             70 6C 65 20 63 6F 6E 74 65 6E 74 2E
              :           }
              :         }
    82 31 1221:       SET {
    86 30 1217:         SEQUENCE {
    90 02    1:           INTEGER 1
    93 30   24:           SEQUENCE {
    95 30   18:             SEQUENCE {
    97 31   16:               SET {
    99 30   14:                 SEQUENCE {
   101 06    3:                   OBJECT IDENTIFIER commonName (2 5 4 3)
              :                     (X.520 id-at (2 5 4))
   106 13    7:                   PrintableString 'CarlDSS'
              :                   }
              :                 }
              :               }
   115 02    2:             INTEGER 200
              :             }
   119 30    7:           SEQUENCE {
   121 06    5:             OBJECT IDENTIFIER sha1 (1 3 14 3 2 26)
              :               (OIW)
              :             }
   128 A0 1116:           [0] {
   132 30   24:             SEQUENCE {
   134 06    9:               OBJECT IDENTIFIER
              :                 contentType (1 2 840 113549 1 9 3)
              :                 (PKCS #9 (1 2 840 113549 1 9))
   145 31   11:               SET {
   147 06    9:                 OBJECT IDENTIFIER data (1 2 840 113549 1 7 1)
              :                   (PKCS #7)
              :                 }
              :               }
   158 30   35:             SEQUENCE {
   160 06    9:               OBJECT IDENTIFIER
              :                 messageDigest (1 2 840 113549 1 9 4)
              :                 (PKCS #9 (1 2 840 113549 1 9))
   171 31   22:               SET {
   173 04   20:                 OCTET STRING
              :                   40 6A EC 08 52 79 BA 6E 16 02 2D 9E
06 29 C0 22
              :                   96 87 DD 48
              :                 }
              :               }
   195 30   56:             SEQUENCE {
   197 06    3:               OBJECT IDENTIFIER '1 2 5555'
   202 31   49:               SET {
   204 04   47:                 OCTET STRING
              :                   54 68 69 73 20 69 73 20 61 20 74 65
73 74 20 47
              :                   65 6E 65 72 61 6C 20 41 53 4E 20 41
74 74 72 69
              :                   62 75 74 65 2C 20 6E 75 6D 62 65 72 20 31 2E
              :                 }
              :               }
   253 30   58:             SEQUENCE {
   255 06   11:               OBJECT IDENTIFIER
              :                 id-aa-contentHint (1 2 840 113549 1 9 16 2 4)
              :                 (S/MIME Authenticated Attributes (1 2
840 113549 1 9 16 2))
   268 31   43:               SET {
   270 30   41:                 SEQUENCE {
   272 0C   32:                   UTF8String 'Content Hints Description Buffer'
   306 06    5:                   OBJECT IDENTIFIER '1 2 3 6 5 4'
              :                   }
              :                 }
              :               }
   313 30   74:             SEQUENCE {
   315 06    9:               OBJECT IDENTIFIER
              :                 sMIMECapabilities (1 2 840 113549 1 9 15)
              :                 (PKCS #9 (1 2 840 113549 1 9).
   326 31   61:               SET {
   328 30   59:                 SEQUENCE {
   330 30    7:                   SEQUENCE {
   332 06    5:                     OBJECT IDENTIFIER '1 2 3 4 5 6'
              :                     }
   339 30   48:                   SEQUENCE {
   341 06    6:                     OBJECT IDENTIFIER '1 2 3 4 5 6 77'
   349 04   38:                     OCTET STRING
              :                   53 6D 69 6D 65 20 43 61 70 61 62 69
6C 69 74 69
              :                   65 73 20 70 61 72 61 6D 65 74 65 72
73 20 62 75
              :                   66 66 65 72 20 32
              :                     }
              :                   }
              :                 }
              :               }
   389 30  109:             SEQUENCE {
   391 06   11:               OBJECT IDENTIFIER
              :                 id-aa-securityLabel (1 2 840 113549 1 9 16 2 2)
              :                 (S/MIME Authenticated Attributes (1 2
840 113549 1 9 16 2))
   404 31   94:               SET {
   406 31   92:                 SET {
   408 02    1:                   INTEGER 1
   411 06    7:                   OBJECT IDENTIFIER '1 2 3 4 5 6 7 8'
   420 31   49:                   SET {
   422 30   47:                     SEQUENCE {
   424 80    8:                       [0]
              :                   2A 03 04 05 06 07 86 78
   434 A1   35:                       [1] {
   436 13   33:                         PrintableString 'THIS IS A
TEST SECURITY-CATEGORY.'
              :                         }
              :                       }
              :                     }
   471 13   27:                   PrintableString 'THIS IS A PRIVACY MARK TEST'
              :                   }
              :                 }
              :               }
   500 30  111:             SEQUENCE {
   502 06   11:               OBJECT IDENTIFIER
              :                 id-aa-contentReference (1 2 840 113549
1 9 16 2 10)
              :                 (S/MIME Authenticated Attributes (1 2
840 113549 1 9 16 2))
   515 31   96:               SET {
   517 30   94:                 SEQUENCE {
   519 06    5:                   OBJECT IDENTIFIER '1 2 3 4 5 6'
   526 04   43:                   OCTET STRING
              :                   43 6F 6E 74 65 6E 74 20 52 65 66 65
72 65 6E 63
              :                   65 20 43 6F 6E 74 65 6E 74 20 49 64
65 6E 74 69
              :                   66 69 65 72 20 42 75 66 66 65 72
   571 04   40:                   OCTET STRING
              :                   43 6F 6E 74 65 6E 74 20 52 65 66 65
72 65 6E 63
              :                   65 20 53 69 67 6E 61 74 75 72 65 20
56 61 6C 75
              :                   65 20 42 75 66 66 65 72
              :                   }
              :                 }
              :               }
   613 30  115:             SEQUENCE {
   615 06   11:               OBJECT IDENTIFIER '1 2 840 113549 1 9 16 2 11'
   628 31  100:               SET {
   630 A0   98:                 [0] {
   632 30   90:                   SEQUENCE {
   634 31   11:                     SET {
   636 30    9:                       SEQUENCE {
   638 06    3:                         OBJECT IDENTIFIER countryName (2 5 4 6)
              :                           (X.520 id-at (2 5 4))
   643 13    2:                         PrintableString 'US'
              :                         }
              :                       }
   647 31   22:                     SET {
   649 30   20:                       SEQUENCE {
   651 06    3:                         OBJECT IDENTIFIER
              :                           organizationName (2 5 4 10)
              :                           (X.520 id-at (2 5 4))
   656 13   13:                         PrintableString 'US Government'
              :                         }
              :                       }
   671 31   17:                     SET {
   673 30   15:                       SEQUENCE {
   675 06    3:                         OBJECT IDENTIFIER
              :                           organizationalUnitName (2 5 4 11)
              :                           (X.520 id-at (2 5 4))
   680 13    8:                         PrintableString 'VDA Site'
              :                         }
              :                       }
   690 31   12:                     SET {
   692 30   10:                       SEQUENCE {
   694 06    3:                         OBJECT IDENTIFIER
              :                           organizationalUnitName (2 5 4 11)
              :                           (X.520 id-at (2 5 4))
   699 13    3:                         PrintableString 'VDA'
              :                         }
              :                       }
   704 31   18:                     SET {
   706 30   16:                       SEQUENCE {
   708 06    3:                         OBJECT IDENTIFIER commonName (2 5 4 3)
              :                           (X.520 id-at (2 5 4))
   713 13    9:                         PrintableString 'Daisy RSA'
              :                         }
              :                       }
              :                     }
   724 02    4:                   INTEGER 173360179
              :                   }
              :                 }
              :               }
   730 30  253:             SEQUENCE {
   733 06   11:               OBJECT IDENTIFIER
              :                 id-aa-mlExpandHistory (1 2 840 113549
1 9 16 2 3)
              :                 (S/MIME Authenticated Attributes (1 2
840 113549 1 9 16 2))
   746 31  237:               SET {
   749 30  234:                 SEQUENCE {
   752 30  231:                   SEQUENCE {
   755 04    7:                     OCTET STRING
              :                   35 37 33 38 32 39 39
   764 18   16:                     GeneralizedTime '199903111044330Z'
   782 A1  201:                     [1] {
   785 30  198:                       SEQUENCE {
   788 A4   97:                         [4] {
   790 30   95:                           SEQUENCE {
   792 31   11:                             SET {
   794 30    9:                               SEQUENCE {
   796 06    3:                                 OBJECT IDENTIFIER
              :                                   countryName (2 5 4 6)
              :                                   (X.520 id-at (2 5 4))
   801 13    2:                                 PrintableString 'US'
              :                                 }
              :                               }
   805 31   22:                             SET {
   807 30   20:                               SEQUENCE {
   809 06    3:                                 OBJECT IDENTIFIER
              :                                   organizationName (2 5 4 10)
              :                                   (X.520 id-at (2 5 4))
   814 13   13:                                 PrintableString 'US Government'
              :                                 }
              :                               }
   829 31   17:                             SET {
   831 30   15:                               SEQUENCE {
   833 06    3:                                 OBJECT IDENTIFIER
              : organizationalUnitName (2 5 4 11)
              :                                   (X.520 id-at (2 5 4))
   838 13    8:                                 PrintableString 'VDA Site'
              :                                 }
              :                               }
   848 31   12:                             SET {
   850 30   10:                               SEQUENCE {
   852 06    3:                                 OBJECT IDENTIFIER
              : organizationalUnitName (2 5 4 11)
              :                                   (X.520 id-at (2 5 4))
   857 13    3:                                 PrintableString 'VDA'
              :                                 }
              :                               }
   862 31   23:                             SET {
   864 30   21:                               SEQUENCE {
   866 06    3:                                 OBJECT IDENTIFIER
              :                                   commonName (2 5 4 3)
              :                                   (X.520 id-at (2 5 4))
   871 13   14:                                 PrintableString 'Bugs Bunny DSA'
              :                                 }
              :                               }
              :                             }
              :                           }
   887 A4   97:                         [4] {
   889 30   95:                           SEQUENCE {
   891 31   11:                             SET {
   893 30    9:                               SEQUENCE {
   895 06    3:                                 OBJECT IDENTIFIER
              :                                   countryName (2 5 4 6)
              :                                   (X.520 id-at (2 5 4))
   900 13    2:                                 PrintableString 'US'
              :                                 }
              :                               }
   904 31   22:                             SET {
   906 30   20:                               SEQUENCE {
   908 06    3:                                 OBJECT IDENTIFIER
              :                                   organizationName (2 5 4 10)
              :                                   (X.520 id-at (2 5 4))
   913 13   13:                                 PrintableString 'US Government'
              :                                 }
              :                               }
   928 31   17:                             SET {
   930 30   15:                               SEQUENCE {
   932 06    3:                                 OBJECT IDENTIFIER
              : organizationalUnitName (2 5 4 11)
              :                                   (X.520 id-at (2 5 4))
   937 13    8:                                 PrintableString 'VDA Site'
              :                                 }
              :                               }
   947 31   12:                             SET {
   949 30   10:                               SEQUENCE {
   951 06    3:                                 OBJECT IDENTIFIER
              : organizationalUnitName (2 5 4 11)
              :                                   (X.520 id-at (2 5 4))
   956 13    3:                                 PrintableString 'VDA'
              :                                 }
              :                               }
   961 31   23:                             SET {
   963 30   21:                               SEQUENCE {
   965 06    3:                                 OBJECT IDENTIFIER
              :                                   commonName (2 5 4 3)
              :                                   (X.520 id-at (2 5 4))
   970 13   14:                                 PrintableString 'Elmer Fudd DSA'
              :                                 }
              :                               }
              :                             }
              :                           }
              :                         }
              :                       }
              :                     }
              :                   }
              :                 }
              :               }
   986 30  258:             SEQUENCE {
   990 06   11:               OBJECT IDENTIFIER
              :                 id-aa-equivalentLabels (1 2 840 113549
1 9 16 2 9)
              :                 (S/MIME Authenticated Attributes (1 2
840 113549 1 9 16 2))
1003 31  242:               SET {
1006 30  239:                 SEQUENCE {
1009 31  114:                   SET {
1011 02    1:                     INTEGER 1
1014 06    7:                     OBJECT IDENTIFIER '1 2 3 4 5 6 7 9'
1023 31   60:                     SET {
1025 30   58:                       SEQUENCE {
1027 80    8:                         [0]
              :                   2A 03 04 05 06 07 86 78
1037 A1   46:                         [1] {
1039 13   44:                           PrintableString
              :                   'EQUIVALENT THIS IS A TEST SECURITY-CATEGORY.'
              :                           }
              :                         }
              :                       }
1085 13   38:                     PrintableString 'EQUIVALENT THIS IS
A PRIVACY MARK TEST'
              :                     }
1125 31  121:                   SET {
1127 02    1:                     INTEGER 1
1130 06    7:                     OBJECT IDENTIFIER '1 2 3 4 5 6 7 10'
1139 31   60:                     SET {
1141 30   58:                       SEQUENCE {
1143 80    8:                         [0]
              :                   2A 03 04 05 06 07 86 78
1153 A1   46:                         [1] {
1155 13   44:                           PrintableString
              :                   'EQUIVALENT THIS IS A TEST SECURITY-CATEGORY.'
              :                           }
              :                         }
              :                       }
1201 13   45:                     PrintableString
              :                   'EQUIVALENT THIS IS A SECOND PRIVACY
MARK TEST'
              :                     }
              :                   }
              :                 }
              :               }
              :             }
1248 30    9:           SEQUENCE {
1250 06    7:             OBJECT IDENTIFIER dsa (1 2 840 10040 4 1)
              :               (ANSI X9.57 algorithm)
              :             }
1259 04   46:           OCTET STRING, encapsulates {
1261 30   44:               SEQUENCE {
1263 02   20:                 INTEGER
              :                   04 ED DC 50 4E 39 C2 DA A6 7B 0E 1F
2A B2 8C 85
              :                   72 62 0F 33
1285 02   20:                 INTEGER
              :                   18 74 5A 6E E0 2C 53 EB 51 0F 27 E4
85 9D E5 97
              :                   C9 F2 78 94
              :                 }
              :               }
              :           }
              :         }
              :       }
              :     }
              :   }

5.11 SignedData with Certificates Only

CA SignedData message with no content or signature, containing only
Alices's and Carl's certificates.

     0 30 1674: SEQUENCE {
     4 06    9:   OBJECT IDENTIFIER signedData (1 2 840 113549 1 7 2)
              :     (PKCS #7)
    15 A0 1659:   [0] {
    19 30 1655:     SEQUENCE {
    23 02    1:       INTEGER 1
    26 31    0:       SET {}
    28 30   11:       SEQUENCE {
    30 06    9:         OBJECT IDENTIFIER data (1 2 840 113549 1 7 1)
              :           (PKCS #7)
              :         }
    41 A0 1409:       [0] {
    45 30  667:         SEQUENCE {
    49 30  602:           SEQUENCE {
    53 A0    3:             [0] {
    55 02    1:               INTEGER 2
              :               }
    58 02    1:             INTEGER 1
    61 30    9:             SEQUENCE {
    63 06    7:               OBJECT IDENTIFIER dsaWithSha1 (1 2 840 10040 4 3)
              :                 (ANSI X9.57 algorithm)
              :               }
    72 30   18:             SEQUENCE {
    74 31   16:               SET {
    76 30   14:                 SEQUENCE {
    78 06    3:                   OBJECT IDENTIFIER commonName (2 5 4 3)
              :                     (X.520 id-at (2 5 4))
    83 13    7:                   PrintableString 'CarlDSS'
              :                   }
              :                 }
              :               }
    92 30   30:             SEQUENCE {
    94 17   13:               UTCTime '990816225050Z'
   109 17   13:               UTCTime '391231235959Z'
              :               }
   124 30   18:             SEQUENCE {
   126 31   16:               SET {
   128 30   14:                 SEQUENCE {
   130 06    3:                   OBJECT IDENTIFIER commonName (2 5 4 3)
              :                     (X.520 id-at (2 5 4))
   135 13    7:                   PrintableString 'CarlDSS'
              :                   }
              :                 }
              :               }
   144 30  439:             SEQUENCE {
   148 30  299:               SEQUENCE {
   152 06    7:                 OBJECT IDENTIFIER dsa (1 2 840 10040 4 1)
              :                   (ANSI X9.57 algorithm)
   161 30  286:                 SEQUENCE {
   165 02  129:                   INTEGER
              :                   00 B6 49 18 3E 8A 44 C1 29 71 94 4C
01 C4 12 C1
              :                   7A 79 CB 54 4D AB 1E 81 FB C6 4C B3
0E 94 09 06
              :                   EB 01 D4 B1 C8 71 4B C7 45 C0 50 25
5D 9C FC DA
              :                   E4 6D D3 E2 86 48 84 82 7D BA 15 95
4A 16 F6 46
              :                   ED DD F6 98 D2 BB 7E 8A 0A 8A BA 16
7B B9 50 01
              :                   48 93 8B EB 25 15 51 97 55 DC 8F 53
0E 10 A9 50
              :                   FC 70 B7 CD 30 54 FD DA DE A8 AA 22
B5 A1 AF 8B
              :                   CC 02 88 E7 8B 70 5F B9 AD E1 08 D4
6D 29 2D D6
              :                           [ Another 1 bytes skipped ]
   297 02   21:                   INTEGER
              :                   00 DD C1 2F DF 53 CE 0B 34 60 77 3E
02 A4 BF 8A
              :                   5D 98 B9 10 D5
   320 02  128:                   INTEGER
              :                   0C EE 57 9B 4B BD DA B6 07 6A 74 37
4F 55 7F 9D
              :                   ED BC 61 0D EB 46 59 3C 56 0B 2B 5B
0C 91 CE A5
              :                   62 52 69 CA E1 6D 3E BD BF FE E1 B7
B9 2B 61 3C
              :                   AD CB AE 45 E3 06 AC 8C 22 9D 9C 44
87 0B C7 CD
              :                   F0 1C D9 B5 4E 5D 73 DE AF 0E C9 1D
5A 51 F5 4F
              :                   44 79 35 5A 73 AA 7F 46 51 1F A9 42
16 9C 48 EB
              :                   8A 79 61 B4 D5 2F 53 22 44 63 1F 86
B8 A3 58 06
              :                   25 F8 29 C0 EF BA E0 75 F0 42 C4 63
65 52 9B 0A
              :                   }
              :                 }
   451 03  133:               BIT STRING 0 unused bits, encapsulates {
   455 02  129:                   INTEGER
              :                   00 99 87 74 27 03 66 A0 B1 C0 AD DC
2C 75 BB E1
              :                   6C 44 9C DA 21 6D 4D 47 6D B1 62 09
E9 D8 AE 1E
              :                   F2 3A B4 94 B1 A3 8E 7A 9B 71 4E 00
94 C9 B4 25
              :                   4E B9 60 96 19 24 01 F3 62 0C FE 75
C0 FB CE D8
              :                   68 00 E3 FD D5 70 4F DF 23 96 19 06
94 F4 B1 61
              :                   8F 3A 57 B1 08 11 A4 0B 26 25 F0 52
76 81 EA 0B
              :                   62 0D 95 2A E6 86 BA 72 B2 A7 50 83
0B AA 27 CD
              :                   1B A9 4D 89 9A D7 8D 18 39 84 3F 8B
C5 56 4D 80
              :                           [ Another 1 bytes skipped ]
              :                   }
              :               }
   587 A3   66:             [3] {
   589 30   64:               SEQUENCE {
   591 30   15:                 SEQUENCE {
   593 06    3:                   OBJECT IDENTIFIER basicConstraints (2 5 29 19)
              :                     (X.509 id-ce (2 5 29))
   598 01    1:                   BOOLEAN TRUE
   601 04    5:                   OCTET STRING, encapsulates {
   603 30    3:                       SEQUENCE {
   605 01    1:                         BOOLEAN TRUE
              :                         }
              :                       }
              :                   }
   608 30   14:                 SEQUENCE {
   610 06    3:                   OBJECT IDENTIFIER keyUsage (2 5 29 15)
              :                     (X.509 id-ce (2 5 29))
   615 01    1:                   BOOLEAN TRUE
   618 04    4:                   OCTET STRING, encapsulates {
   620 03    2:                       BIT STRING 1 unused bits
              :                         '1100001'B
              :                       }
              :                   }
   624 30   29:                 SEQUENCE {
   626 06    3:                   OBJECT IDENTIFIER
              :                     subjectKeyIdentifier (2 5 29 14)
              :                     (X.509 id-ce (2 5 29))
   631 04   22:                   OCTET STRING
              :                   04 14 70 44 3E 82 2E 6F 87 DE 4A D3
75 E3 3D 20
              :                   BC 43 2B 93 F1 1F
              :                   }
              :                 }
              :               }
              :             }
   655 30    9:           SEQUENCE {
   657 06    7:             OBJECT IDENTIFIER dsaWithSha1 (1 2 840 10040 4 3)
              :               (ANSI X9.57 algorithm)
              :             }
   666 03   48:           BIT STRING 0 unused bits, encapsulates {
   669 30   45:               SEQUENCE {
   671 02   20:                 INTEGER
              :                   6B A9 F0 4E 7A 5A 79 E3 F9 BE 3D 2B
C9 06 37 E9
              :                   11 17 A1 13
   693 02   21:                 INTEGER
              :                   00 8F 34 69 2A 8B B1 3C 03 79 94 32
4D 12 1F CE
              :                   89 FB 46 B2 3B
              :                 }
              :               }
              :           }
   716 30  734:         SEQUENCE {
   720 30  669:           SEQUENCE {
   724 A0    3:             [0] {
   726 02    1:               INTEGER 2
              :               }
   729 02    2:             INTEGER 200
   733 30    9:             SEQUENCE {
   735 06    7:               OBJECT IDENTIFIER dsaWithSha1 (1 2 840 10040 4 3)
              :                 (ANSI X9.57 algorithm)
              :               }
   744 30   18:             SEQUENCE {
   746 31   16:               SET {
   748 30   14:                 SEQUENCE {
   750 06    3:                   OBJECT IDENTIFIER commonName (2 5 4 3)
              :                     (X.520 id-at (2 5 4))
   755 13    7:                   PrintableString 'CarlDSS'
              :                   }
              :                 }
              :               }
   764 30   30:             SEQUENCE {
   766 17   13:               UTCTime '990817011049Z'
   781 17   13:               UTCTime '391231235959Z'
              :               }
   796 30   19:             SEQUENCE {
   798 31   17:               SET {
   800 30   15:                 SEQUENCE {
   802 06    3:                   OBJECT IDENTIFIER commonName (2 5 4 3)
              :                     (X.520 id-at (2 5 4))
   807 13    8:                   PrintableString 'AliceDSS'
              :                   }
              :                 }
              :               }
   817 30  438:             SEQUENCE {
   821 30  299:               SEQUENCE {
   825 06    7:                 OBJECT IDENTIFIER dsa (1 2 840 10040 4 1)
              :                   (ANSI X9.57 algorithm)
   834 30  286:                 SEQUENCE {
   838 02  129:                   INTEGER
              :                   00 81 8D CD ED 83 EA 0A 9E 39 3E C2
48 28 A3 E4
              :                   47 93 DD 0E D7 A8 0E EC 53 C5 AB 84
08 4F FF 94
              :                   E1 73 48 7E 0C D6 F3 44 48 D1 FE 9F
AF A4 A1 89
              :                   2F E1 D9 30 C8 36 DE 3F 9B BF B7 4C
DC 5F 69 8A
              :                   E4 75 D0 37 0C 91 08 95 9B DE A7 5E
F9 FC F4 9F
              :                   2F DD 43 A8 8B 54 F1 3F B0 07 08 47
4D 5D 88 C3
              :                   C3 B5 B3 E3 55 08 75 D5 39 76 10 C4
78 BD FF 9D
              :                   B0 84 97 37 F2 E4 51 1B B5 E4 09 96
5C F3 7E 5B
              :                           [ Another 1 bytes skipped ]
   970 02   21:                   INTEGER
              :                   00 E2 47 A6 1A 45 66 B8 13 C6 DA 8F
B8 37 21 2B
              :                   62 8B F7 93 CD
   993 02  128:                   INTEGER
              :                   26 38 D0 14 89 32 AA 39 FB 3E 6D D9
4B 59 6A 4C
              :                   76 23 39 04 02 35 5C F2 CB 1A 30 C3
1E 50 5D DD
              :                   9B 59 E2 CD AA 05 3D 58 C0 7B A2 36
B8 6E 07 AF
              :                   7D 8A 42 25 A7 F4 75 CF 4A 08 5E 4B
3E 90 F8 6D
              :                   EA 9C C9 21 8A 3B 76 14 E9 CE 2E 5D
A3 07 CD 23
              :                   85 B8 2F 30 01 7C 6D 49 89 11 89 36
44 BD F8 C8
              :                   95 4A 53 56 B5 E2 F9 73 EC 1A 61 36
1F 11 7F C2
              :                   BD ED D1 50 FF 98 74 C2 D1 81 4A 60
39 BA 36 39
              :                   }
              :                 }
1124 03  132:               BIT STRING 0 unused bits, encapsulates {
1128 02  128:                   INTEGER
              :                   5C E3 B9 5A 75 14 96 0B A9 7A DD E3
3F A9 EC AC
              :                   5E DC BD B7 13 11 34 A6 16 89 28 11
23 D9 34 86
              :                   67 75 75 13 12 3D 43 5B 6F E5 51 BF
FA 89 F2 A2
              :                   1B 3E 24 7D 3D 07 8D 5B 63 C8 BB 45
A5 A0 4A E3
              :                   85 D6 CE 06 80 3F E8 23 7E 1A F2 24
AB 53 1A B8
              :                   27 0D 1E EF 08 BF 66 14 80 5C 62 AC
65 FA 15 8B
              :                   F1 BB 34 D4 D2 96 37 F6 61 47 B2 C4
32 84 F0 7E
              :                   41 40 FD 46 A7 63 4E 33 F2 A5 E2 F4
F2 83 E5 B8
              :                   }
              :               }
1259 A3  131:             [3] {
1262 30  128:               SEQUENCE {
1265 30   32:                 SEQUENCE {
1267 06    3:                   OBJECT IDENTIFIER subjectAltName (2 5 29 17)
              :                     (X.509 id-ce (2 5 29))
1272 04   25:                   OCTET STRING, encapsulates {
1274 30   23:                       SEQUENCE {
1276 81   21:                         [1] 'aliceDss@examples.com'
              :                         }
              :                       }
              :                   }
1299 30   12:                 SEQUENCE {
1301 06    3:                   OBJECT IDENTIFIER basicConstraints (2 5 29 19)
              :                     (X.509 id-ce (2 5 29))
1306 01    1:                   BOOLEAN TRUE
1309 04    2:                   OCTET STRING, encapsulates {
1311 30    0:                       SEQUENCE {}
              :                       }
              :                   }
1313 30   14:                 SEQUENCE {
1315 06    3:                   OBJECT IDENTIFIER keyUsage (2 5 29 15)
              :                     (X.509 id-ce (2 5 29))
1320 01    1:                   BOOLEAN TRUE
1323 04    4:                   OCTET STRING, encapsulates {
1325 03    2:                       BIT STRING 6 unused bits
              :                         '11'B
              :                       }
              :                   }
1329 30   31:                 SEQUENCE {
1331 06    3:                   OBJECT IDENTIFIER
              :                     authorityKeyIdentifier (2 5 29 35)
              :                     (X.509 id-ce (2 5 29))
1336 04   24:                   OCTET STRING, encapsulates {
1338 30   22:                       SEQUENCE {
1340 80   20:                         [0]
              :                   70 44 3E 82 2E 6F 87 DE 4A D3 75 E3
3D 20 BC 43
              :                   2B 93 F1 1F
              :                         }
              :                       }
              :                   }
1362 30   29:                 SEQUENCE {
1364 06    3:                   OBJECT IDENTIFIER
              :                     subjectKeyIdentifier (2 5 29 14)
              :                     (X.509 id-ce (2 5 29))
1369 04   22:                   OCTET STRING
              :                   04 14 BE 6C A1 B3 E3 C1 F7 ED 43 70
A4 CE 13 01
              :                   E2 FD E3 97 FE CD
              :                   }
              :                 }
              :               }
              :             }
1393 30    9:           SEQUENCE {
1395 06    7:             OBJECT IDENTIFIER dsaWithSha1 (1 2 840 10040 4 3)
              :               (ANSI X9.57 algorithm)
              :             }
1404 03   48:           BIT STRING 0 unused bits, encapsulates {
1407 30   45:               SEQUENCE {
1409 02   21:                 INTEGER
              :                   00 98 B0 C6 3F CF 71 47 5A 35 A9 4A
8F C0 F8 24
              :                   05 E8 46 94 8E
1432 02   20:                 INTEGER
              :                   5B 9F 48 C0 8C A1 C1 02 9C 44 EA E9
A1 87 C1 A5
              :                   7F 28 2D BB
              :                 }
              :               }
              :           }
              :         }
1454 A1  219:       [1] {
1457 30  216:         SEQUENCE {
1460 30  153:           SEQUENCE {
1463 30    9:             SEQUENCE {
1465 06    7:               OBJECT IDENTIFIER dsaWithSha1 (1 2 840 10040 4 3)
              :                 (ANSI X9.57 algorithm)
              :               }
1474 30   18:             SEQUENCE {
1476 31   16:               SET {
1478 30   14:                 SEQUENCE {
1480 06    3:                   OBJECT IDENTIFIER commonName (2 5 4 3)
              :                     (X.520 id-at (2 5 4))
1485 13    7:                   PrintableString 'CarlDSS'
              :                   }
              :                 }
              :               }
1494 17   13:             UTCTime '990827070000Z'
1509 30  105:             SEQUENCE {
1511 30   19:               SEQUENCE {
1513 02    2:                 INTEGER 200
1517 17   13:                 UTCTime '990822070000Z'
              :                 }
1532 30   19:               SEQUENCE {
1534 02    2:                 INTEGER 201
1538 17   13:                 UTCTime '990822070000Z'
              :                 }
1553 30   19:               SEQUENCE {
1555 02    2:                 INTEGER 211
1559 17   13:                 UTCTime '990822070000Z'
              :                 }
1574 30   19:               SEQUENCE {
1576 02    2:                 INTEGER 210
1580 17   13:                 UTCTime '990822070000Z'
              :                 }
1595 30   19:               SEQUENCE {
1597 02    2:                 INTEGER 212
1601 17   13:                 UTCTime '990824070000Z'
              :                 }
              :               }
              :             }
1616 30    9:           SEQUENCE {
1618 06    7:             OBJECT IDENTIFIER dsaWithSha1 (1 2 840 10040 4 3)
              :               (ANSI X9.57 algorithm)
              :             }
1627 03   47:           BIT STRING 0 unused bits, encapsulates {
1630 30   44:               SEQUENCE {
1632 02   20:                 INTEGER
              :                   7E 65 52 76 33 FE 34 73 17 D1 F7 96
F9 A0 D4 D8
              :                   6D 5C 7D 3D
1654 02   20:                 INTEGER
              :                   02 7A 5B B7 D5 5B 18 C1 CF 87 EF 7E
DA 24 F3 2A
              :                   83 9C 35 A1
              :                 }
              :               }
              :           }
              :         }
1676 31    0:       SET {}
              :       }
              :     }
              :   }

6.  Enveloped-data

6.1 Basic encrypted content, TripleDES and DH

An EnvelopedData from Alice to Bob of ExContent using TripleDES for
encrypting and Diffie-Hellman for key management. Does not have a
OriginatorInfo or any attributes.

    0 30  426: SEQUENCE {
    4 06    9:   OBJECT IDENTIFIER envelopedData (1 2 840 113549 1 7 3)
             :     (PKCS #7)
   15 A0  411:   [0] {
   19 30  407:     SEQUENCE {
   23 02    1:       INTEGER 2
   26 31  331:       SET {
   30 A1  327:         [1] {
   34 02    1:           INTEGER 3
   37 A0  149:           [0] {
   40 A1  146:             [1] {
   43 30    9:               SEQUENCE {
   45 06    7:                 OBJECT IDENTIFIER dhPublicKey (1 2 840 10046 2 1)
             :                   (ANSI X9.42 number type)
             :                 }
   54 03  132:               BIT STRING 0 unused bits, encapsulates {
   58 02  128:                   INTEGER
             :                   44 B9 26 32 13 77 AD 88 CD F5 9F 4B 4D A9 6C FF
             :                   38 60 EB 84 AB 45 E6 A3 F4 E2 94 27 97 F0 8D 29
             :                   A5 EB 1F 21 91 68 58 39 C8 F2 49 D8 99 DB 48 A8
             :                   9E 47 A5 9E 06 BE B4 F4 A0 86 01 10 C4 50 FB B1
             :                   F5 31 88 12 7B 15 18 70 F8 72 08 65 4F 51 A7 A3
             :                   96 18 E8 79 B4 A6 6C F1 B7 7A 61 26 F6 AF 4D 34
             :                   42 22 DD 80 F3 C7 42 CE 6A 1C 8C A6 24 E9 54 6A
             :                   A0 67 B1 80 DE BB B0 C4 FE BC 45 4C D2 EC 35 74
             :                   }
             :               }
             :             }
  189 A1   66:           [1] {
  191 04   64:             OCTET STRING
             :               A9 74 C4 E9 AA 79 D3 CE 5C 74 A4 ED A5 DB 65 F5
             :               C0 37 D6 81 F1 0A 93 5F 24 A1 DB 97 96 EE 87 8B
             :               79 DB E9 07 11 23 CE 70 24 84 30 72 02 83 D5 7D
             :               60 D3 D4 F6 A7 4D 4C C2 E0 89 FA CD 59 20 A2 93
             :             }
  257 30   30:           SEQUENCE {
  259 06   11:             OBJECT IDENTIFIER
             :               id-alg-ESDH (1 2 840 113549 1 9 16 3 5)
             :               (S/MIME Algorithms (1 2 840 113549 1 9 16 3))
  272 30   15:             SEQUENCE {
  274 06   11:               OBJECT IDENTIFIER
             :                 id-alg-CMS3DESwrap (1 2 840 113549 1 9 16 3 6)
             :                 (S/MIME Algorithms (1 2 840 113549 1 9 16 3))
  287 05    0:               NULL
             :               }
             :             }
  289 30   70:           SEQUENCE {
  291 30   68:             SEQUENCE {
  293 30   24:               SEQUENCE {
  295 30   18:                 SEQUENCE {
  297 31   16:                   SET {
  299 30   14:                     SEQUENCE {
  301 06    3:                       OBJECT IDENTIFIER commonName (2 5 4 3)
             :                         (X.520 id-at (2 5 4))
  306 13    7:                       PrintableString 'CarlDSS'
             :                       }
             :                     }
             :                   }
  315 02    2:                 INTEGER 201
             :                 }
  319 04   40:               OCTET STRING
             :                 97 A2 1C 9B 1D 72 03 4C FA 1F CE DA AE 85 49 E1
             :                 0D 32 04 97 80 43 CB 00 49 60 36 A7 DD 4B 0E E5
             :                 D6 A8 7B BA 66 94 97 A7
             :               }
             :             }
             :           }
             :         }
  361 30   67:       SEQUENCE {
  363 06    9:         OBJECT IDENTIFIER data (1 2 840 113549 1 7 1)
             :           (PKCS #7)
  374 30   20:         SEQUENCE {
  376 06    8:           OBJECT IDENTIFIER des-EDE3-CBC (1 2 840 113549 3 7)
             :             (RSADSI encryptionAlgorithm (1 2 840 113549 3))
  386 04    8:           OCTET STRING
             :             37 E7 7E D7 16 17 C8 AC
             :           }
  396 80   32:         [0]
             :           6A F2 B8 9A 58 65 B2 AD F4 3A A0 31 B2 BD F7 52
             :           7A EB 2B FB 04 77 0F E2 59 C6 33 BB 05 FD 0C EA
             :         }
             :       }
             :     }
             :   }

Some additional information on this example:

3DES CEK
    cd 4f 7c 83 73 c4 26 ce 5d b0 cd ea 7c 16 15 cb
    2f 8c a8 20 16 0e c8 2a

Ephemeral X (reverse the bytes)
    2e 92 4e b9 2a bd ab 1e cb 5b d8 3b c5 6c b0 ef
    2d 89 7b 0e e7 d6 33 8c 1f 33 81 6d 2d d1 61 4f

ZZ
    de 42 2f c3 fb 44 ab ce 71 3f f6 3a aa dc 09 d1
    ca 30 97 22 73 eb de 6a af 87 e1 74 62 60 73 c7
    93 1f 2e 26 b3 09 8f 1c 93 31 33 63 5f 0e ad 89
    89 f5 1a cb 8c 3f b7 8f 50 b3 9a fe 06 b0 8a 68
    c0 f7 b1 fe 20 af 96 f2 a6 cf de 12 1e 74 f9 38
    d1 90 da 4d 10 45 b2 6a be 3f f9 3b 61 c0 6d 8f
    bc 2e c8 a3 e6 d8 e2 a8 52 ea 58 65 b3 93 99 b7
    77 91 67 e6 04 e5 ca ce 46 86 b0 83 17 d9 de 1d

3DES KEK (no parity check)
    02 1f 67 5c 92 58 e5 5a 2a fb 3b ed 94 6b 39 8a
    b1 38 a7 8c 63 fc d6 14

wrapped key
    51 46 57 41 34 1c d6 c7 cd 36 4b a4 93 b7 16 e6
    2e f0 58 24 9c 6d 4b e9 90 8b 0f 46 b8 e5 93 19
    ff 7c f0 56 4d 4f fa f5

3DES CEK
    1c b6 57 1a 25 bc f8 13 5b 01 1a d5 a2 46 31 7a
    85 fe 4f 62 45 4a 2a 43

6.2 Basic encrypted content, TripleDES and RSA

Same as 6.1, except with RSA for key management. An EnvelopedData from
Alice to Bob of ExContent using TripleDES for encrypting and RSA for
key management. Does not have a OriginatorInfo.

    0 30 NDEF: SEQUENCE {
    2 06    9:   OBJECT IDENTIFIER envelopedData (1 2 840 113549 1 7 3)
             :     (PKCS #7)
   13 A0 NDEF:   [0] {
   15 30 NDEF:     SEQUENCE {
   17 02    1:       INTEGER 0
   20 31  192:       SET {
   23 30  189:         SEQUENCE {
   26 02    1:           INTEGER 0
   29 30   38:           SEQUENCE {
   31 30   18:             SEQUENCE {
   33 31   16:               SET {
   35 30   14:                 SEQUENCE {
   37 06    3:                   OBJECT IDENTIFIER commonName (2 5 4 3)
             :                     (X.520 id-at (2 5 4))
   42 13    7:                   PrintableString 'CarlRSA'
             :                   }
             :                 }
             :               }
   51 02   16:             INTEGER
             :               46 34 6B C7 80 00 56 BC 11 D3 6E 2E CD 5D 71 D0
             :             }
   69 30   13:           SEQUENCE {
   71 06    9:             OBJECT IDENTIFIER
             :               rsaEncryption (1 2 840 113549 1 1 1)
             :               (PKCS #1)
   82 05    0:             NULL
             :             }
   84 04  128:           OCTET STRING
             :             5C DE 6D 75 D0 5E E6 68 76 11 47 1B 5B 89 2E 55
             :             AD 73 05 AA 28 02 F8 02 DA 4D FE F4 35 20 0E 6B
             :             68 EB D6 2B AE 88 58 3A D3 AC 03 7B 30 5E 88 44
             :             3B FF 33 DC DD BC BD 91 C3 9D F5 73 6E 33 E4 9F
             :             2C 42 A0 8E 25 74 29 26 50 71 70 2F 51 08 AE 2D
             :             5E C1 A5 16 06 33 4F A9 23 0A 33 E5 96 3B D0 F8
             :             83 BE 0A 29 01 0A CF 53 13 92 18 A6 F7 B1 3C 82
             :             78 59 67 C8 65 E4 26 0E 52 37 00 50 EA 39 23 E7
             :           }
             :         }
  215 30 NDEF:       SEQUENCE {
  217 06    9:         OBJECT IDENTIFIER data (1 2 840 113549 1 7 1)
             :           (PKCS #7)
  228 30   20:         SEQUENCE {
  230 06    8:           OBJECT IDENTIFIER des-EDE3-CBC (1 2 840 113549 3 7)
             :             (RSADSI encryptionAlgorithm (1 2 840 113549 3))
  240 04    8:           OCTET STRING
             :             E1 D1 EB E0 26 CA 58 49
             :           }
  250 A0 NDEF:         [0] {
  252 04   32:           OCTET STRING
             :             02 3A 0A 0B BE B7 31 1D D4 C3 EB CA 91 18 AD 89
             :             7B 2D F8 B1 FB FD BF 2A 52 81 77 DA 9F 49 7F 00
             :           }
             :         }
             :       }
             :     }
             :   }

6.3 Basic encrypted content, RC2/40 and RSA

Same as 6.1, except using RC2/40 for encryption and RSA for key
management. An EnvelopedData from Alice to Bob of ExContent using
RC2/40 for encrypting and RSA for key management. Does not have a
OriginatorInfo or any attributes.

    0 30  292: SEQUENCE {
    4 06    9:   OBJECT IDENTIFIER envelopedData (1 2 840 113549 1 7 3)
             :     (PKCS #7)
   15 A0  277:   [0] {
   19 30  273:     SEQUENCE {
   23 02    1:       INTEGER 0
   26 31  192:       SET {
   29 30  189:         SEQUENCE {
   32 02    1:           INTEGER 0
   35 30   38:           SEQUENCE {
   37 30   18:             SEQUENCE {
   39 31   16:               SET {
   41 30   14:                 SEQUENCE {
   43 06    3:                   OBJECT IDENTIFIER commonName (2 5 4 3)
             :                     (X.520 id-at (2 5 4))
   48 13    7:                   PrintableString 'CarlRSA'
             :                   }
             :                 }
             :               }
   57 02   16:             INTEGER
             :               46 34 6B C7 80 00 56 BC 11 D3 6E 2E CD 5D 71 D0
             :             }
   75 30   13:           SEQUENCE {
   77 06    9:             OBJECT IDENTIFIER
             :               rsaEncryption (1 2 840 113549 1 1 1)
             :               (PKCS #1)
   88 05    0:             NULL
             :             }
   90 04  128:           OCTET STRING
             :             5E FD D1 FD 71 E3 B4 3E B7 59 86 AC 70 6C 84 D7
             :             7F F6 F9 4E 78 6B E6 B0 B5 1E D5 FB 43 76 A7 22
             :             69 67 C9 E2 70 89 73 E4 69 F3 59 43 77 49 04 B3
             :             00 C9 F7 EE 41 32 E6 4C 5A C7 40 AF 87 EC E7 32
             :             0D 1E 89 7A 97 D3 F5 6A 75 A8 0C 4D 59 B7 92 9B
             :             E2 4A 64 2E 73 67 4C E6 2F FA 9E 3F B4 11 3C E7
             :             3A 4C 23 16 4F E9 27 EE D9 E5 1F 66 57 FC 43 E9
             :             38 1C EF 5D C9 8E 97 46 2C 6B 19 73 18 18 58 EA
             :           }
             :         }
  221 30   73:       SEQUENCE {
  223 06    9:         OBJECT IDENTIFIER data (1 2 840 113549 1 7 1)
             :           (PKCS #7)
  234 30   26:         SEQUENCE {
  236 06    8:           OBJECT IDENTIFIER rc2CBC (1 2 840 113549 3 2)
             :             (RSADSI encryptionAlgorithm (1 2 840 113549 3))
  246 30   14:           SEQUENCE {
  248 02    2:             INTEGER 160
  252 04    8:             OCTET STRING
             :               9C 04 D2 19 2E 2A 55 A1
             :             }
             :           }
  262 80   32:         [0]
             :           00 83 A9 27 15 EA D5 DC 6A A8 E7 4D E8 FA EA F7
             :           A8 D6 3D 4C 52 62 CB 89 E8 39 E1 F1 77 E5 AB F7
             :         }
             :       }
             :     }
             :   }

6.4 Encrypted content, two recipients, no shared keying material

Same as 6.1, except sent to both Bob and Diane. An EnvelopedData from
Alice to Bob and Diane of ExContent using TripleDES for encrypting and
Diffie-Hellman for key management. Does not have a OriginatorInfo or
any attributes.

     0 30  615: SEQUENCE {
     4 06    9:   OBJECT IDENTIFIER envelopedData (1 2 840 113549 1 7 3)
              :     (PKCS #7)
    15 A0  600:   [0] {
    19 30  596:     SEQUENCE {
    23 02    1:       INTEGER 2
    26 31  520:       SET {
    30 A1  256:         [1] {
    34 02    1:           INTEGER 3
    37 A0  150:           [0] {
    40 A1  147:             [1] {
    43 30    9:               SEQUENCE {
    45 06    7:                 OBJECT IDENTIFIER
              :                   dhPublicNumber (1 2 840 10046 2 1)
              :                   (ANSI X9.42 number-type)
              :                 }
    54 03  133:               BIT STRING 0 unused bits
              :                 02 81 80 03 CA 05 2E 78 63 86 95 7D C6 E3 38 08
              :                 33 D3 5E 06 FB C5 98 FA DE 66 42 2E 6F BB 35 47
              :                 73 EE 7F 43 82 83 0C 8D EF 1F 61 8F 52 C6 5C BB
              :                 85 46 09 CD 0A 1E 75 44 51 AC B8 AB 85 88 C6 B3
              :                 06 97 C9 47 B2 8A 56 55 8B BE D3 3C C9 3A F0 A8
              :                 D5 4C 3A 56 19 9B 65 75 E9 2B 14 66 D8 BB 66 70
              :                 2E 64 46 41 BD 33 E1 50 F8 D5 CA A5 74 6A 09 01
              :                 D3 6D 74 85 21 33 53 AB C2 3D 2A 08 40 CF F9 AC
              :                 2D F7 D0 00
              :               }
              :             }
   190 30   26:           SEQUENCE {
   192 06    7:             OBJECT IDENTIFIER dhPublicNumber (1 2 840 10046 2 1)
              :               (ANSI X9.42 number-type)
   201 30   15:             SEQUENCE {
   203 06   11:               OBJECT IDENTIFIER '1 2 840 113549 1 9 16 3 6'
   216 05    0:               NULL
              :               }
              :             }
   218 30   70:           SEQUENCE {
   220 30   68:             SEQUENCE {
   222 30   24:               SEQUENCE {
   224 30   18:                 SEQUENCE {
   226 31   16:                   SET {
   228 30   14:                     SEQUENCE {
   230 06    3:                       OBJECT IDENTIFIER commonName (2 5 4 3)
              :                         (X.520 id-at (2 5 4))
   235 13    7:                       PrintableString 'CarlDSS'
              :                       }
              :                     }
              :                   }
   244 02    2:                 INTEGER 211
              :                 }
   248 04   40:               OCTET STRING
              :                 88 24 7C 52 73 C3 02 FF DB 89 49 08 0E BD EE 0E
              :                 49 18 47 19 B4 95 5F 16 12 B9 ED 34 4F 99 6B 2F
              :                 CA 8E 94 87 56 66 08 51
              :               }
              :             }
              :           }
   290 A1  256:         [1] {
   294 02    1:           INTEGER 3
   297 A0  150:           [0] {
   300 A1  147:             [1] {
   303 30    9:               SEQUENCE {
   305 06    7:                 OBJECT IDENTIFIER
              :                   dhPublicNumber (1 2 840 10046 2 1)
              :                   (ANSI X9.42 number-type)
              :                 }
   314 03  133:               BIT STRING 0 unused bits
              :                 02 81 80 5C 58 72 3E C6 68 91 0F F8 EB 07 EB C1
              :                 46 60 13 4B 7A D4 E5 AC 61 0C 67 D1 0D 0A AB E8
              :                 81 31 25 6A B5 E6 F3 EF 53 9D E7 51 B5 1D A4 E3
              :                 38 C7 EB 95 D9 80 D8 85 65 76 12 FB 7A 9E F2 B1
              :                 3F 38 1F EA F2 7C 61 26 63 73 AA 22 E2 FD 15 9A
              :                 9C 17 31 58 0C 4E A0 DE 84 89 B7 81 70 62 3E 9B
              :                 45 47 AD B9 FC 94 95 A5 99 F4 86 8D 0B CE 74 EC
              :                 71 DC CA A6 71 37 31 01 4C 8C 01 59 8C 49 AE FC
              :                 FB 64 EA 00
              :               }
              :             }
   450 30   26:           SEQUENCE {
   452 06    7:             OBJECT IDENTIFIER dhPublicNumber (1 2 840 10046 2 1)
              :               (ANSI X9.42 number-type)
   461 30   15:             SEQUENCE {
   463 06   11:               OBJECT IDENTIFIER '1 2 840 113549 1 9 16 3 6'
   476 05    0:               NULL
              :               }
              :             }
   478 30   70:           SEQUENCE {
   480 30   68:             SEQUENCE {
   482 30   24:               SEQUENCE {
   484 30   18:                 SEQUENCE {
   486 31   16:                   SET {
   488 30   14:                     SEQUENCE {
   490 06    3:                       OBJECT IDENTIFIER commonName (2 5 4 3)
              :                         (X.520 id-at (2 5 4))
   495 13    7:                       PrintableString 'CarlDSS'
              :                       }
              :                     }
              :                   }
   504 02    2:                 INTEGER 201
              :                 }
   508 04   40:               OCTET STRING
              :                 39 2A 16 D1 21 2B 72 38 0C 40 01 55 A1 17 19 04
              :                 BE FD 24 9B 33 E5 1C BC C5 D8 7B A7 45 15 D2 5B
              :                 E5 5A 09 A5 22 18 7B DF
              :               }
              :             }
              :           }
              :         }
   550 30   67:       SEQUENCE {
   552 06    9:         OBJECT IDENTIFIER data (1 2 840 113549 1 7 1)
              :           (PKCS #7)
   563 30   20:         SEQUENCE {
   565 06    8:           OBJECT IDENTIFIER des-EDE3-CBC (1 2 840 113549 3 7)
              :             (RSADSI encryptionAlgorithm (1 2 840 113549 3))
   575 04    8:           OCTET STRING
              :             13 E3 41 9C 85 30 15 1F
              :           }
   585 80   32:         [0]
              :           BA 8F 71 D9 C8 92 CE D4 08 A7 F5 73 91 29 6D E1
              :           33 08 DE C4 58 C2 A2 7B F0 9A 4B 06 44 EF D6 E5
              :         }
              :       }
              :     }
              :   }

6.5 Encrypted content, two recipients, shared keying material

Same as 6.4, except sent to Bob and Erica using keys that have shared
parameters so the result does not include the UKMs. An EnvelopedData
from Alice to Bob and Erica of ExContent using TripleDES for encrypting
and Diffie-Hellman for key management. Does not have a OriginatorInfo
or any attributes. Uses BobPubDHSharedEncrypt and
DianePubDHSharedEncrypt for keys.

     0 30  426: SEQUENCE {
     4 06    9:   OBJECT IDENTIFIER envelopedData (1 2 840 113549 1 7 3)
              :     (PKCS #7)
    15 A0  411:   [0] {
    19 30  407:     SEQUENCE {
    23 02    1:       INTEGER 2
    26 31  331:       SET {
    30 A1  327:         [1] {
    34 02    1:           INTEGER 3
    37 A0  150:           [0] {
    40 A1  147:             [1] {
    43 30    9:               SEQUENCE {
    45 06    7:                 OBJECT IDENTIFIER
              :                   dhPublicNumber (1 2 840 10046 2 1)
              :                   (ANSI X9.42 number-type)
              :                 }
    54 03  133:               BIT STRING 0 unused bits
              :                 02 81 80 1E 6F B8 49 59 86 A9 EE 34 17 29 BC A0
              :                 5A 84 51 AB CE 9A 41 38 B6 29 A7 7C 49 24 8D 83
              :                 A6 A0 F8 2C 9A 1B 1D A9 86 64 62 89 4B F9 5B 35
              :                 93 0C 36 D3 F7 06 51 D5 4A 5E AD DC 76 D2 ED 53
              :                 46 1A D4 0A 84 5B 26 A7 D0 4C 9A D6 24 A1 9E BA
              :                 D2 21 30 7B 45 C5 36 CC 2B 4A 4F 19 77 0D 48 22
              :                 79 66 D9 EB 51 4A 5A 3B 5D 25 E5 FA 58 79 0F 53
              :                 49 1B 1F E9 F9 79 73 0D BC 49 61 ED DB 4D 81 67
              :                 9E 68 A8 00
              :               }
              :             }
   190 30   26:           SEQUENCE {
   192 06    7:             OBJECT IDENTIFIER dhPublicNumber (1 2 840 10046 2 1)
              :               (ANSI X9.42 number-type)
   201 30   15:             SEQUENCE {
   203 06   11:               OBJECT IDENTIFIER '1 2 840 113549 1 9 16 3 6'
   216 05    0:               NULL
              :               }
              :             }
   218 30  140:           SEQUENCE {
   221 30   68:             SEQUENCE {
   223 30   24:               SEQUENCE {
   225 30   18:                 SEQUENCE {
   227 31   16:                   SET {
   229 30   14:                     SEQUENCE {
   231 06    3:                       OBJECT IDENTIFIER commonName (2 5 4 3)
              :                         (X.520 id-at (2 5 4))
   236 13    7:                       PrintableString 'CarlDSS'
              :                       }
              :                     }
              :                   }
   245 02    2:                 INTEGER 201
              :                 }
   249 04   40:               OCTET STRING
              :                 FF 20 83 91 5F 10 CF 38 80 DF 50 20 46 C3 30 3B
              :                 7D 2B E3 DB C1 18 07 E3 07 85 2B 6C AB 26 07 B9
              :                 2C E5 DD 89 40 7D E9 D5
              :               }
   291 30   68:             SEQUENCE {
   293 30   24:               SEQUENCE {
   295 30   18:                 SEQUENCE {
   297 31   16:                   SET {
   299 30   14:                     SEQUENCE {
   301 06    3:                       OBJECT IDENTIFIER commonName (2 5 4 3)
              :                         (X.520 id-at (2 5 4))
   306 13    7:                       PrintableString 'CarlDSS'
              :                       }
              :                     }
              :                   }
   315 02    2:                 INTEGER 212
              :                 }
   319 04   40:               OCTET STRING
              :                 BF 13 C2 4A A2 D4 08 6A 2B 60 4A B8 A1 6D 31 43
              :                 F7 6B AE 35 64 23 D0 E6 80 79 BE 5F 25 2C 51 E3
              :                 B9 0E 44 F3 83 79 B4 0E
              :               }
              :             }
              :           }
              :         }
   361 30   67:       SEQUENCE {
   363 06    9:         OBJECT IDENTIFIER data (1 2 840 113549 1 7 1)
              :           (PKCS #7)
   374 30   20:         SEQUENCE {
   376 06    8:           OBJECT IDENTIFIER des-EDE3-CBC (1 2 840 113549 3 7)
              :             (RSADSI encryptionAlgorithm (1 2 840 113549 3))
   386 04    8:           OCTET STRING
              :             23 DF 7F DB 3D 98 00 F8
              :           }
   396 80   32:         [0]
              :           74 29 02 33 4D 51 2E C4 C5 AE 32 D8 7F 9B 01 EB
              :           D2 CD C2 32 0A AA 90 8D A9 91 F3 21 32 8E 4E 76
              :         }
              :       }
              :     }
              :   }

6.6 Encrypted content, TripleDES and DH, previously-distributed keys

Same as 6.1, except sent using a previously-distributed key. An
EnvelopedData from Alice to Bob of ExContent using TripleDES for
encrypting and Diffie-Hellman for key management, using the
MailListTripleDES key. Does not have a OriginatorInfo or any
attributes.

Subject: Test subject
MIME-Version: 1.0
Content-Type: application/pkcs7-mime;
        name="smime.p7m";
        smime-type=enveloped-data
Content-Transfer-Encoding: base64
Content-Disposition: attachment;
        filename="smime.p7m"

MIAGCSqGSIb3DQEHA6CAMIACAQIxggFdoYIBBAIBA6CBlaGBkjAJBgcqhkjOPgIBA4
GEAAKBgE348O8WYkb+mh9JywImIJ1j0PIj84SnpKclqO31EcScZzkSiQQP+gqphImf
EwIGh7P7ywuoFuxdot8C2X/nDubhrrKImG3Z96h/FAh6/rgA6P10r2yesV1QvqfGgY
Bh9+o9zq/S1+Q8ssFH9j1nZzTLLL3rrG8W4ztmu4qX+Q89MB8GCyqGSIb3DQEJEAMF
MBAGCyqGSIb3DQEJEAMHAgE6MEYwRDAYMBIxEDAOBgNVBAMTB0NhcmxEU1MCAgDJBC
hTEv/IiYb58fJpBc1MQAJ1FSG33LdFbpRq8QirMU12JiHd9qAJjj9ColMCAQQwEwQR
TWFpbExpc3RUcmlwbGVERVMwDwYLKoZIhvcNAQkQAwYFAAQo/JV25qipslbuubZDLs
lEB93Y4rGtOJHpymNu+u5Fe7bpypVtjw4VWjCABgkqhkiG9w0BBwEwGQYIKoZIhvcN
AwIwDQIBOgQIj3hP9Fg2yEqggAQg4lYLOgn0NuOrSALLvtN4NzeVtYJ07hsW2OZ7Fq
QNmuoAAAAAAAAAAAAA

6.7 Encrypted content, RC2/40 and RSA, previously-distributed keys

Same as 6.1, except sent using a previously-distributed key. An
EnvelopedData from Alice to Bob of ExContent using RC2/40 for
encrypting and RSA for key management, using the MailListRC2 key. Does
not have a OriginatorInfo or any attributes.

    0 30  357: SEQUENCE {
    4 06    9:   OBJECT IDENTIFIER envelopedData (1 2 840 113549 1 7 3)
             :     (PKCS #7)
   15 A0  342:   [0] {
   19 30  338:     SEQUENCE {
   23 02    1:       INTEGER 2
   26 31  256:       SET {
   30 30  189:         SEQUENCE {
   33 02    1:           INTEGER 0
   36 30   38:           SEQUENCE {
   38 30   18:             SEQUENCE {
   40 31   16:               SET {
   42 30   14:                 SEQUENCE {
   44 06    3:                   OBJECT IDENTIFIER commonName (2 5 4 3)
             :                     (X.520 id-at (2 5 4))
   49 13    7:                   PrintableString 'CarlRSA'
             :                   }
             :                 }
             :               }
   58 02   16:             INTEGER
             :               46 34 6B C7 80 00 56 BC 11 D3 6E 2E CD 5D 71 D0
             :             }
   76 30   13:           SEQUENCE {
   78 06    9:             OBJECT IDENTIFIER
             :               rsaEncryption (1 2 840 113549 1 1 1)
             :               (PKCS #1)
   89 05    0:             NULL
             :             }
   91 04  128:           OCTET STRING
             :             94 26 42 88 C6 8B B6 78 20 FF 82 57 2A 41 98 D1
             :             68 08 3A 04 A7 CE E4 86 D8 32 7D FD 8D E1 29 AA
             :             0F 74 71 3F 1F BC 85 B2 D0 B7 D8 B7 61 C3 30 71
             :             AA 7E 6A 23 A4 CA A8 CC 6A 54 F4 DD 55 02 D1 70
             :             4E 1A FF 87 60 8D C7 05 99 BF 68 5C F1 A2 AF 98
             :             39 70 16 B3 9C 65 19 EA D9 C1 33 9C F6 3E 80 62
             :             52 B8 A9 7B E7 CE D4 79 49 0F 13 06 39 73 CA D9
             :             B8 57 BC E0 F9 31 AB 9C 65 4D 40 13 70 E3 B1 30
             :           }
  222 A2   62:         [2] {
  224 02    1:           INTEGER 4
  227 30   13:           SEQUENCE {
  229 04   11:             OCTET STRING 'MailListRC2'
             :             }
  242 30   16:           SEQUENCE {
  244 06   11:             OBJECT IDENTIFIER
             :               id-alg-CMSRC2wrap (1 2 840 113549 1 9 16 3 7)
             :               (S/MIME Algorithms (1 2 840 113549 1 9 16 3))
  257 02    1:             INTEGER 58
             :             }
  260 04   24:           OCTET STRING
             :             77 14 AF 93 12 27 F8 3D 1E 72 55 1E C4 3A 5F 9E
             :             95 73 06 1B F8 E7 E8 8D
             :           }
             :         }
  286 30   73:       SEQUENCE {
  288 06    9:         OBJECT IDENTIFIER data (1 2 840 113549 1 7 1)
             :           (PKCS #7)
  299 30   26:         SEQUENCE {
  301 06    8:           OBJECT IDENTIFIER rc2CBC (1 2 840 113549 3 2)
             :             (RSADSI encryptionAlgorithm (1 2 840 113549 3))
  311 30   14:           SEQUENCE {
  313 02    2:             INTEGER 160
  317 04    8:             OCTET STRING
             :               9C 04 D2 19 2E 2A 55 A1
             :             }
             :           }
  327 80   32:         [0]
             :           5E 28 D5 E1 A2 3B 9E 8F 7A 2B 83 D2 ED EE 7F B0
             :           5B 13 A1 9E 4C B9 57 9D 2F 4A 9A 18 45 F4 51 CB
             :         }
             :       }
             :     }
             :   }


6.8 S/MIME application/pkcs7-mime encrypted message

A full S/MIME message, including MIME, that includes the body part from
6.1.

MIME-Version: 1.0
Message-Id: <00103112005203.00349@amyemily.ig.com>
Date: Tue, 31 Oct 2000 12:00:52 -0600 (Central Standard Time)
From: User1
To: User2
Subject: Example 6.8
Content-Type: Application/pkcs7-mime;name=smime.p7m;filename=smime.p7m
Content-Transfer-Encoding: base64
Content-Description: attachment;filename=smime.p7m

MIIEYQYJKoZIhvcNAQcDoIIEUjCCBE4CAQKgggLxoIIC7TCCAukwggKooAMCAQICAgDUMAkGByqG
SM44BAMwEjEQMA4GA1UEAxMHQ2FybERTUzAeFw05OTA4MTcwMjE3MTZaFw0zOTEyMzEyMzU5NTla
MBIxEDAOBgNVBAMTB0VyaWNhREgwggHEMIIBOAYHKoZIzj4CATCCASsCgYEA7CzNpO+aJi9ip7sj
Td8rJcFo0p6pRVs28ZSJGq99ESSdPbk8KejXI4Azpp5FAruqzJ4oBZWgsxd2wfclNWECQZInDF6u
SOXzbjjvkdHPN/6aQJfILTWenZPG+BWvP9p0OrfEk7W5u3ZsH6h+vDqqQwqBZPxj8HtxmPrAOHkQ
GjMCgYEAugvXdD3nNOVME6eVlrvx5GE3CPsSx/uckXcGmTXwSCSWMxIBfo3sC/aywGOnFcVelYai
c8VJRjd5YP13BQlIm3CNPAX2zkQsf30bKxXd8wUvvoUgj435tKBFdCv0O51CYjQnJ4GObw9eYoWJ
zO0hw5FwBlTucKiSVVtuGSJNYqcCIQDDq0owebPTl07K9aJ9x3CjRfOzooYF0j5J+Z/ZCrO+vQOB
hQACgYEA0SvkHT66GM91IMbHXsPEbOrzI9kJH0aY9M5ZubbO6DrGGPhZdxuZsNrcwJ0J5K/5YZEs
R8xHXt8rM3bzZ+x36Cw3MKGJXfPI9lwWSuS3jPV71Tj9FKzoesJ97geQJwp8h6ii4nA16m7enlAx
a+kJ2iUaAY7j/yYcdfXDzlr1noWjgYEwfzAfBgNVHREEGDAWgRRlcmljYURoQGV4YW1wbGVzLmNv
bTAMBgNVHRMBAf8EAjAAMA4GA1UdDwEB/wQEAwIDCDAfBgNVHSMEGDAWgBRwRD6CLm+H3krTdeM9
ILxDK5PxHzAdBgNVHQ4EFgQUjVMdYVV/YDVtpjaixZP4mv3AdXQwCQYHKoZIzjgEAwMwADAtAhQ+
UUII41IuqruPvRg4ccuYg75HngIVALSzFYWZEQZAH0BZjdQbLc2B8ehoMYIBDaGCAQkCAQOgGjAY
MBIxEDAOBgNVBAMTB0NhcmxEU1MCAgDUoYGDBIGAJ9S2hbjOL6X23QgUdLjyo8uBXzTZNwDsNvWK
idLJx6umMnV9PmfRxy1Yb1UDNDP//1Rd+xFYA9EYd8THsNDKdrYosuLojimdW0xih8BOgn9UXlE/
I2msgkJ24mxcUyzvA/u0LTN5aPoRdMYVS61QLPDsvr515f5TB2z9KPYVK5MwGgYHKoZIzj4CATAP
BgsqhkiG9w0BCRADBgUAMEYwRDAYMBIxEDAOBgNVBAMTB0NhcmxEU1MCAgDJBCiytQ66TKk5FRNq
m13l4cUwtrsv92WphxKHjq0EFCHI35VP2nLoq2YXMEMGCSqGSIb3DQEHATAUBggqhkiG9w0DBwQI
280UIM+ZHBiAIAl3prOldtS3JwrzjhCb6aJInx+tKnG5Ec9QDq9XDrm8

6.9 EnvelopedData with All Recipient Types

EnvelopedData message with an example of each recipient type (kari,
ktri, kekri), and has unprotected attributes.

    0 30  847: SEQUENCE {
    4 06    9:   OBJECT IDENTIFIER envelopedData (1 2 840 113549 1 7 3)
             :     (PKCS #7)
   15 A0  832:   [0] {
   19 30  828:     SEQUENCE {
   23 02    1:       INTEGER 2
   26 31  627:       SET {
   30 30  189:         SEQUENCE {
   33 02    1:           INTEGER 0
   36 30   38:           SEQUENCE {
   38 30   18:             SEQUENCE {
   40 31   16:               SET {
   42 30   14:                 SEQUENCE {
   44 06    3:                   OBJECT IDENTIFIER commonName (2 5 4 3)
             :                     (X.520 id-at (2 5 4))
   49 13    7:                   PrintableString 'CarlRSA'
             :                   }
             :                 }
             :               }
   58 02   16:             INTEGER
             :               46 34 6B C7 80 00 56 BC 11 D3 6E 2E CD 5D 71 D0
             :             }
   76 30   13:           SEQUENCE {
   78 06    9:             OBJECT IDENTIFIER
             :               rsaEncryption (1 2 840 113549 1 1 1)
             :               (PKCS #1)
   89 05    0:             NULL
             :             }
   91 04  128:           OCTET STRING
             :             7C E4 51 AB 82 E0 B2 AB 1C 86 02 40 70 88 61 F7
             :             17 E7 4D B9 97 B4 49 0D B4 9B 09 07 B8 BF 1A FA
             :             B6 A4 BB 5A 6D 53 A1 D5 1D 05 EE 69 41 F6 0E AF
             :             21 1C 0F B3 B0 4D BE C9 03 56 EA A0 93 85 B1 AA
             :             E3 9F 3E E4 85 F7 8B 9B 1F 08 E1 69 4F 24 3A 1A
             :             8E 93 12 64 61 33 94 56 F0 C4 B9 FC 11 CE 06 26
             :             10 65 BF 13 C8 62 17 E7 B3 40 9B 7E C3 3A FC BB
             :             0C 64 C7 F3 7E 5C F2 4F 11 21 8B 0F DF 8C A1 2E
             :           }
  222 A1  328:         [1] {
  226 02    1:           INTEGER 3
  229 A0  149:           [0] {
  232 A1  146:             [1] {
  235 30    9:               SEQUENCE {
  237 06    7:                 OBJECT IDENTIFIER dhPublicKey (1 2 840 10046 2 1)
             :                   (ANSI X9.42 number type)
             :                 }
  246 03  132:               BIT STRING 0 unused bits, encapsulates {
  250 02  128:                   INTEGER
             :                   18 4F BA 26 74 BA A1 9B 91 BB 6F 57 35 2C E7 20
             :                   66 E4 74 D6 94 3F FE 2E C8 66 4C A6 C5 48 8B BF
             :                   37 CE A8 C1 59 1A 07 C1 C1 8F 48 6C 89 E6 6E 1E
             :                   34 98 A8 39 8C B5 91 AE AF 1A 65 C3 D5 C1 0E 06
             :                   E8 C1 03 95 13 DF F3 7E 64 05 A4 2C 6C EB DD EE
             :                   14 1F D3 C3 F1 60 B4 C4 01 32 28 FF CC E5 0A 14
             :                   65 35 04 6F 09 E9 B3 81 BD 50 55 11 CC 41 F6 3D
             :                   33 BD AC 77 59 43 89 5F 1D DF C7 2F 33 13 F9 DF
             :                   }
             :               }
             :             }
  381 A1   66:           [1] {
  383 04   64:             OCTET STRING
             :               C3 14 12 F1 38 EB C6 84 30 B8 17 4D 82 2A A6 C5
             :               FD 16 4C F9 DD 29 7E AE F6 42 08 6B 54 68 CF DC
             :               3E 0F C2 B7 31 13 34 CC 3D 44 60 F6 F3 F7 81 3F
             :               81 18 A0 C2 70 A3 01 54 37 C4 8E 99 A9 93 E6 6F
             :             }
  449 30   31:           SEQUENCE {
  451 06   11:             OBJECT IDENTIFIER
             :               id-alg-ESDH (1 2 840 113549 1 9 16 3 5)
             :               (S/MIME Algorithms (1 2 840 113549 1 9 16 3))
  464 30   16:             SEQUENCE {
  466 06   11:               OBJECT IDENTIFIER
             :                 id-alg-CMSRC2wrap (1 2 840 113549 1 9 16 3 7)
             :                 (S/MIME Algorithms (1 2 840 113549 1 9 16 3))
  479 02    1:               INTEGER 58
             :               }
             :             }
  482 30   70:           SEQUENCE {
  484 30   68:             SEQUENCE {
  486 30   24:               SEQUENCE {
  488 30   18:                 SEQUENCE {
  490 31   16:                   SET {
  492 30   14:                     SEQUENCE {
  494 06    3:                       OBJECT IDENTIFIER commonName (2 5 4 3)
             :                         (X.520 id-at (2 5 4))
  499 13    7:                       PrintableString 'CarlDSS'
             :                       }
             :                     }
             :                   }
  508 02    2:                 INTEGER 201
             :                 }
  512 04   40:               OCTET STRING
             :                 28 8D 7E 8D 71 FA A7 7C E9 A8 8D CD 0D 73 85 4D
             :                 EF 9C A9 C2 84 E0 44 01 D6 91 EC E2 91 07 7D EA
             :                 0C 43 58 40 03 4C D4 0E
             :               }
             :             }
             :           }
  554 A2  101:         [2] {
  556 02    1:           INTEGER 4
  559 30   36:           SEQUENCE {
  561 04   17:             OCTET STRING
             :               4D 61 69 6C 4C 69 73 74 54 72 69 70 6C 65 44 45
             :               53
  580 18   15:             GeneralizedTime '19951230235959Z'
             :             }
  597 30   16:           SEQUENCE {
  599 06   11:             OBJECT IDENTIFIER
             :               id-alg-CMSRC2wrap (1 2 840 113549 1 9 16 3 7)
             :               (S/MIME Algorithms (1 2 840 113549 1 9 16 3))
  612 02    1:             INTEGER 58
             :             }
  615 04   40:           OCTET STRING
             :             5E A8 04 2E 76 13 51 02 8E 8C BB F6 F6 BA 41 7B
             :             34 D4 42 0C 0D 13 9F B2 A5 82 90 3B 15 AF 59 56
             :             9B AC C3 41 5D EC DC 08
             :           }
             :         }
  657 30   72:       SEQUENCE {
  659 06    9:         OBJECT IDENTIFIER data (1 2 840 113549 1 7 1)
             :           (PKCS #7)
  670 30   25:         SEQUENCE {
  672 06    8:           OBJECT IDENTIFIER rc2CBC (1 2 840 113549 3 2)
             :             (RSADSI encryptionAlgorithm (1 2 840 113549 3))
  682 30   13:           SEQUENCE {
  684 02    1:             INTEGER 58
  687 04    8:             OCTET STRING
             :               91 61 D5 02 FC 18 49 70
             :             }
             :           }
  697 80   32:         [0]
             :           2A A4 1A D1 FF 49 B3 93 9D DE EC 2C B5 23 3B 29
             :           03 D2 74 33 22 C3 DC 68 79 83 DE 2B 5C 1B 2F C1
             :         }
  731 A1  118:       [1] {
  733 30   56:         SEQUENCE {
  735 06    3:           OBJECT IDENTIFIER '1 2 5555'
  740 31   49:           SET {
  742 04   47:             OCTET STRING
             :               54 68 69 73 20 69 73 20 61 20 74 65 73 74 20 47
             :               65 6E 65 72 61 6C 20 41 53 4E 20 41 74 74 72 69
             :               62 75 74 65 2C 20 6E 75 6D 62 65 72 20 31 2E
             :             }
             :           }
  791 30   58:         SEQUENCE {
  793 06   11:           OBJECT IDENTIFIER
             :             id-aa-contentHint (1 2 840 113549 1 9 16 2 4)
             :             (S/MIME Authenticated Attributes (1 2 840
113549 1 9 16 2))
  806 31   43:           SET {
  808 30   41:             SEQUENCE {
  810 0C   32:               UTF8String 'Content Hints Description Buffer'
  844 06    5:               OBJECT IDENTIFIER '1 2 3 6 5 4'
             :               }
             :             }
             :           }
             :         }
             :       }
             :     }
             :   }

6.10 EnvelopedData with KARI RC2 Encryption

EnvelopedData message like 6.1 except using the RC2 content encryption
algorithm for both the content and key.

    0 30  433: SEQUENCE {
    4 06    9:   OBJECT IDENTIFIER envelopedData (1 2 840 113549 1 7 3)
             :     (PKCS #7)
   15 A0  418:   [0] {
   19 30  414:     SEQUENCE {
   23 02    1:       INTEGER 2
   26 31  333:       SET {
   30 A1  329:         [1] {
   34 02    1:           INTEGER 3
   37 A0  150:           [0] {
   40 A1  147:             [1] {
   43 30    9:               SEQUENCE {
   45 06    7:                 OBJECT IDENTIFIER dhPublicKey (1 2 840 10046 2 1)
             :                   (ANSI X9.42 number type)
             :                 }
   54 03  133:               BIT STRING 0 unused bits, encapsulates {
   58 02  129:                   INTEGER
             :                   00 84 CB 74 8B FD 25 36 46 6B 6C 95 57 05 D7 43
             :                   12 19 31 EB 35 40 32 65 EA 47 6A AC CC B4 9F 12
             :                   3B 42 EB A2 9B 8D D3 75 6D 48 6D DB BD 5A 13 EA
             :                   95 17 EC A0 C8 90 8D F7 55 DB 56 C7 25 60 12 C1
             :                   BD 73 65 42 8C 15 AD 2D E8 AA AE 97 CD EB B5 8B
             :                   8D 39 02 A4 E8 27 BC CC 73 5A 47 67 46 A6 A3 90
             :                   22 A1 C1 AB 9F 97 3F FB FA 21 66 08 CC 8D 9D A3
             :                   16 26 9F E7 AF E8 F4 21 6F 53 FC A5 71 B7 D9 5C
             :                           [ Another 1 bytes skipped ]
             :                   }
             :               }
             :             }
  190 A1   66:           [1] {
  192 04   64:             OCTET STRING
             :               FF E8 2E 63 04 1E BB F4 80 5E 50 03 AE 5D 1F 77
             :               47 6A 21 D5 9B C3 04 75 21 4E 4C 86 7E 0E BB A7
             :               99 EB 52 50 C7 D3 F0 15 59 60 CD 79 BD DA 60 1E
             :               4E E9 19 69 40 A2 80 E6 39 1A EA 1D F4 1D 2B 86
             :             }
  258 30   31:           SEQUENCE {
  260 06   11:             OBJECT IDENTIFIER
             :               id-alg-ESDH (1 2 840 113549 1 9 16 3 5)
             :               (S/MIME Algorithms (1 2 840 113549 1 9 16 3))
  273 30   16:             SEQUENCE {
  275 06   11:               OBJECT IDENTIFIER
             :                 id-alg-CMSRC2wrap (1 2 840 113549 1 9 16 3 7)
             :                 (S/MIME Algorithms (1 2 840 113549 1 9 16 3))
  288 02    1:               INTEGER 58
             :               }
             :             }
  291 30   70:           SEQUENCE {
  293 30   68:             SEQUENCE {
  295 30   24:               SEQUENCE {
  297 30   18:                 SEQUENCE {
  299 31   16:                   SET {
  301 30   14:                     SEQUENCE {
  303 06    3:                       OBJECT IDENTIFIER commonName (2 5 4 3)
             :                         (X.520 id-at (2 5 4))
  308 13    7:                       PrintableString 'CarlDSS'
             :                       }
             :                     }
             :                   }
  317 02    2:                 INTEGER 201
             :                 }
  321 04   40:               OCTET STRING
             :                 BB 0C AB DF A2 BE A0 5A 03 D3 2A 10 CA 05 90 58
             :                 09 7B F4 D9 9D 2F 4E 22 29 DE 4B FC 10 6C 66 B0
             :                 15 54 1C 7A DF 16 04 C1
             :               }
             :             }
             :           }
             :         }
  363 30   72:       SEQUENCE {
  365 06    9:         OBJECT IDENTIFIER data (1 2 840 113549 1 7 1)
             :           (PKCS #7)
  376 30   25:         SEQUENCE {
  378 06    8:           OBJECT IDENTIFIER rc2CBC (1 2 840 113549 3 2)
             :             (RSADSI encryptionAlgorithm (1 2 840 113549 3))
  388 30   13:           SEQUENCE {
  390 02    1:             INTEGER 58
  393 04    8:             OCTET STRING
             :               89 96 41 E6 C3 E3 8B 46
             :             }
             :           }
  403 80   32:         [0]
             :           F4 05 D6 20 8F 1D 6E F0 9B 2C 0C E0 A9 10 B7 1A
             :           6F C6 07 56 2E 9A 15 F1 A0 56 73 04 81 87 69 54
             :         }
             :       }
             :     }
             :   }

6.11 EnvelopedData with KEK 3DES Encryption

EnvelopedData message like 6.7 except using the 3DES content encryption
algorithm for both the content and key.

    0 30  193: SEQUENCE {
    3 06    9:   OBJECT IDENTIFIER envelopedData (1 2 840 113549 1 7 3)
             :     (PKCS #7)
   14 A0  179:   [0] {
   17 30  176:     SEQUENCE {
   20 02    1:       INTEGER 2
   23 31  102:       SET {
   25 A2  100:         [2] {
   27 02    1:           INTEGER 4
   30 30   36:           SEQUENCE {
   32 04   17:             OCTET STRING
             :               4D 61 69 6C 4C 69 73 74 54 72 69 70 6C 65 44 45
             :               53
   51 18   15:             GeneralizedTime '19951230235959Z'
             :             }
   68 30   15:           SEQUENCE {
   70 06   11:             OBJECT IDENTIFIER
             :               id-alg-CMS3DESwrap (1 2 840 113549 1 9 16 3 6)
             :               (S/MIME Algorithms (1 2 840 113549 1 9 16 3))
   83 05    0:             NULL
             :             }
   85 04   40:           OCTET STRING
             :             74 31 C0 45 51 4C 3C 2D 2E DA 63 50 8B AE D4 AC
             :             64 CC 95 AE AF CD 0F 8C B6 48 1F 0B 45 12 4D FB
             :             A4 AB C7 83 30 4B 69 AD
             :           }
             :         }
  127 30   67:       SEQUENCE {
  129 06    9:         OBJECT IDENTIFIER data (1 2 840 113549 1 7 1)
             :           (PKCS #7)
  140 30   20:         SEQUENCE {
  142 06    8:           OBJECT IDENTIFIER des-EDE3-CBC (1 2 840 113549 3 7)
             :             (RSADSI encryptionAlgorithm (1 2 840 113549 3))
  152 04    8:           OCTET STRING
             :             41 1E 70 EC 7D 56 80 D9
             :           }
  162 80   32:         [0]
             :           C0 4C 7E 6E 31 E9 60 44 49 B9 E3 3E 24 A6 D4 58
             :           4D 5E 65 07 69 A5 69 A9 38 F3 7D 50 C9 09 B3 C0
             :         }
             :       }
             :     }
             :   }

7. Digested-data

A DigestedData from Alice to Bob of ExContent using SHA-1.

    0 30   94: SEQUENCE {
    2 06    9:   OBJECT IDENTIFIER digestedData (1 2 840 113549 1 7 5)
             :     (PKCS #7)
   13 A0   81:   [0] {
   15 30   79:     SEQUENCE {
   17 02    1:       INTEGER 0
   20 30    7:       SEQUENCE {
   22 06    5:         OBJECT IDENTIFIER sha1 (1 3 14 3 2 26)
             :           (OIW)
             :         }
   29 30   43:       SEQUENCE {
   31 06    9:         OBJECT IDENTIFIER data (1 2 840 113549 1 7 1)
             :           (PKCS #7)
   42 A0   30:         [0] {
   44 04   28:           OCTET STRING 'This is some sample content.'
             :           }
             :         }
   74 04   20:       OCTET STRING
             :         40 6A EC 08 52 79 BA 6E 16 02 2D 9E 06 29 C0 22
             :         96 87 DD 48
             :       }
             :     }
             :   }

8. Encrypted-data

8.1 Simple EncryptedData

An EncryptedData from Alice to Bob of ExContent with no attributes.

     0 30   87: SEQUENCE {
     2 06    9:   OBJECT IDENTIFIER encryptedData (1 2 840 113549 1 7 6)
              :     (PKCS #7)
    13 A0   74:   [0] {
    15 30   72:     SEQUENCE {
    17 02    1:       INTEGER 0
    20 30   67:       SEQUENCE {
    22 06    9:         OBJECT IDENTIFIER data (1 2 840 113549 1 7 1)
              :           (PKCS #7)
    33 30   20:         SEQUENCE {
    35 06    8:           OBJECT IDENTIFIER des-EDE3-CBC (1 2 840 113549 3 7)
              :             (RSADSI encryptionAlgorithm (1 2 840 113549 3))
    45 04    8:           OCTET STRING
              :             B3 6B 6B FB 62 31 08 4E
              :           }
    55 80   32:         [0]
              :           D7 6F D1 17 8F BD 02 F8 42 31 F5 C1 D2 A2 F7 4A
              :           41 59 48 29 64 F6 75 24 82 54 22 3D AF 9A F8 E4
              :         }
              :       }
              :     }
              :   }

The TripleDES key is:
    73 7c 79 1f 25 ea d0 e0 46 29 25 43 52 f7 dc 62
    91 e5 cb 26 91 7a da 32

8.2 EncryptedData with unprotected attributes

An EncryptedData from Alice to Bob of ExContent with unprotected
attributes.

     0 30  209: SEQUENCE {
     3 06    9:   OBJECT IDENTIFIER encryptedData (1 2 840 113549 1 7 6)
              :     (PKCS #7)
    14 A0  195:   [0] {
    17 30  192:     SEQUENCE {
    20 02    1:       INTEGER 2
    23 30   67:       SEQUENCE {
    25 06    9:         OBJECT IDENTIFIER encryptedData (1 2 840 113549 1 7 6)
              :           (PKCS #7)
    36 30   20:         SEQUENCE {
    38 06    8:           OBJECT IDENTIFIER des-EDE3-CBC (1 2 840 113549 3 7)
              :             (RSADSI encryptionAlgorithm (1 2 840 113549 3))
    48 04    8:           OCTET STRING
              :             64 F0 07 5E 58 3B F0 1F
              :           }
    58 80   32:         [0]
              :           22 3F E5 D3 07 18 0A 37 6E C2 48 A0 D0 AD 77 AC
              :           FE 48 62 5E B0 8D 6B 05 33 BC 22 66 2B 93 2A 71
              :         }
    92 A1  118:       [1] {
    94 30   56:         SEQUENCE {
    96 06    3:           OBJECT IDENTIFIER '1 2 5555'
   101 31   49:           SET {
   103 04   47:             OCTET STRING
              :               54 68 69 73 20 69 73 20 61 20 74 65 73 74 20 47
              :               65 6E 65 72 61 6C 20 41 53 4E 20 41 74 74 72 69
              :               62 75 74 65 2C 20 6E 75 6D 62 65 72 20 31 2E
              :             }
              :           }
   152 30   58:         SEQUENCE {
   154 06   11:           OBJECT IDENTIFIER
              :             id-aa-contentHint (1 2 840 113549 1 9 16 2 4)
              :             (S/MIME Authenticated Attributes (1 2 840
113549 1 9 16 2))
   167 31   43:           SET {
   169 30   41:             SEQUENCE {
   171 0C   32:               UTF8String 'Content Hints Description Buffer'
   205 06    5:               OBJECT IDENTIFIER '1 2 3 6 5 4'
              :               }
              :             }
              :           }
              :         }
              :       }
              :     }
              :   }

9. Authenticated-data

No examples are given in this section because no one has created them.

10. Key Wrapping

This section shows the steps needed to wrap keys, as described in
section 12.6 of [CMS].

10.1 Wrapping RC2

This example shows how to wrap an RC2 key.

The CEK to be wrapped is
b70a 25fb c9d8 6a86 050c e0d7 11ea d4d9

The random value used is
4845 cce7 fd12 50

The hash of the CEK is
0a6f f19f db40 4988

The CEK initialization vector is
c7d9 0059 b29e 97f7

The KEK is
fd04 fd08 0607 07fb 0003 feff fd02 fe05

The "Pre Encrypt #1" is
10b7 0a25 fbc9 d86a 8605 0ce0 d711 ead4
d9 4845 cce7 fd12 500a 6ff1 9fdb 4049 88

The "Pre Encrypt #2" is
a7 f7 1f a3 07 8a a9 9f 32 99 8e ff 9e d7 8c ac
b8 70 ce 04 f5 55 8c e4 60 12 93 37 59 a2 1d a0
f7 97 9e b2 59 00 d9 c7

The wrapped CEK is
70e6 99fb 5701 f783 3330 fb71 e87c 85a4
20bd c99a f05d 22af 5a0e 48d3 5f31 3898
6cba afb4 b28d 4f35

10.2 Wrapping TripleDES

This example shows how to wrap an TripleDES key.

The CEK to be wrapped is
2923 bf85 e06d d6ae 5291 49f1 f1ba e9ea b3a7 da3d 860d 3e98

The hash of the CEK is
181b 7e96 86e04a4e

The CEK initialization vector is
5dd4 cbfc 96f5 453b

The KEK is
255e 0d1c 07b6 46df b313 4cc8 43ba 8aa7 1f02 5b7c 0838 251f

The "Pre Encrypt #1" is
   29 23 bf 85 e0 6d d6 ae 52 91 49 f1 f1 ba e9 ea
   b3 a7 da 3d 86 0d 3e 98 18 1b 7e 96 86 e0 4a 4e

The "Pre Encrypt #2" is
    49 84 9d 72 5f cc 4d a4 f6 60 79 7a 3b 97 1f 5c
    03 cc 92 ef 04 32 9a b4 2a dd 75 c6 89 a7 c1 cf
    3b 45 f5 96 fc cb d4 5d

The wrapped CEK is
    69 01 07 61 8e f0 92 b3 b4 8c a1 79 6b 23 4a e9
    fa 33 eb b4 15 96 04 03 7d b5 d6 a8 4e b3 aa c2
    76 8c 63 27 75 a4 67 d4

11. ESS Examples

11.1 ReceiptRequest

Alice asks Bob for a reciept on the message in 5.1 using RSA.

     0 30 1119: SEQUENCE {
     4 06    9:   OBJECT IDENTIFIER signedData (1 2 840 113549 1 7 2)
              :     (PKCS #7)
    15 A0 1104:   [0] {
    19 30 1100:     SEQUENCE {
    23 02    1:       INTEGER 1
    26 31    9:       SET {
    28 30    7:         SEQUENCE {
    30 06    5:           OBJECT IDENTIFIER sha1 (1 3 14 3 2 26)
              :             (OIW)
              :           }
              :         }
    37 30   43:       SEQUENCE {
    39 06    9:         OBJECT IDENTIFIER data (1 2 840 113549 1 7 1)
              :           (PKCS #7)
    50 A0   30:         [0] {
    52 04   28:           OCTET STRING
              :             54 68 69 73 20 69 73 20 73 6F 6D 65 20 73 61 6D
              :             70 6C 65 20 63 6F 6E 74 65 6E 74 2E
              :           }
              :         }
    82 A0  738:       [0] {
    86 30  734:         SEQUENCE {
    90 30  669:           SEQUENCE {
    94 A0    3:             [0] {
    96 02    1:               INTEGER 2
              :               }
    99 02    2:             INTEGER 200
   103 30    9:             SEQUENCE {
   105 06    7:               OBJECT IDENTIFIER dsaWithSha1 (1 2 840 10040 4 3)
              :                 (ANSI X9.57 algorithm)
              :               }
   114 30   18:             SEQUENCE {
   116 31   16:               SET {
   118 30   14:                 SEQUENCE {
   120 06    3:                   OBJECT IDENTIFIER commonName (2 5 4 3)
              :                     (X.520 id-at (2 5 4))
   125 13    7:                   PrintableString 'CarlDSS'
              :                   }
              :                 }
              :               }
   134 30   30:             SEQUENCE {
   136 17   13:               UTCTime '990817011049Z'
   151 17   13:               UTCTime '391231235959Z'
              :               }
   166 30   19:             SEQUENCE {
   168 31   17:               SET {
   170 30   15:                 SEQUENCE {
   172 06    3:                   OBJECT IDENTIFIER commonName (2 5 4 3)
              :                     (X.520 id-at (2 5 4))
   177 13    8:                   PrintableString 'AliceDSS'
              :                   }
              :                 }
              :               }
   187 30  438:             SEQUENCE {
   191 30  299:               SEQUENCE {
   195 06    7:                 OBJECT IDENTIFIER dsa (1 2 840 10040 4 1)
              :                   (ANSI X9.57 algorithm)
   204 30  286:                 SEQUENCE {
   208 02  129:                   INTEGER
              :                   00 81 8D CD ED 83 EA 0A 9E 39 3E C2
48 28 A3 E4
              :                   47 93 DD 0E D7 A8 0E EC 53 C5 AB 84
08 4F FF 94
              :                   E1 73 48 7E 0C D6 F3 44 48 D1 FE 9F
AF A4 A1 89
              :                   2F E1 D9 30 C8 36 DE 3F 9B BF B7 4C
DC 5F 69 8A
              :                   E4 75 D0 37 0C 91 08 95 9B DE A7 5E
F9 FC F4 9F
              :                   2F DD 43 A8 8B 54 F1 3F B0 07 08 47
4D 5D 88 C3
              :                   C3 B5 B3 E3 55 08 75 D5 39 76 10 C4
78 BD FF 9D
              :                   B0 84 97 37 F2 E4 51 1B B5 E4 09 96
5C F3 7E 5B
              :                           [ Another 1 bytes skipped ]
   340 02   21:                   INTEGER
              :                   00 E2 47 A6 1A 45 66 B8 13 C6 DA 8F
B8 37 21 2B
              :                   62 8B F7 93 CD
   363 02  128:                   INTEGER
              :                   26 38 D0 14 89 32 AA 39 FB 3E 6D D9
4B 59 6A 4C
              :                   76 23 39 04 02 35 5C F2 CB 1A 30 C3
1E 50 5D DD
              :                   9B 59 E2 CD AA 05 3D 58 C0 7B A2 36
B8 6E 07 AF
              :                   7D 8A 42 25 A7 F4 75 CF 4A 08 5E 4B
3E 90 F8 6D
              :                   EA 9C C9 21 8A 3B 76 14 E9 CE 2E 5D
A3 07 CD 23
              :                   85 B8 2F 30 01 7C 6D 49 89 11 89 36
44 BD F8 C8
              :                   95 4A 53 56 B5 E2 F9 73 EC 1A 61 36
1F 11 7F C2
              :                   BD ED D1 50 FF 98 74 C2 D1 81 4A 60
39 BA 36 39
              :                   }
              :                 }
   494 03  132:               BIT STRING 0 unused bits, encapsulates {
   498 02  128:                   INTEGER
              :                   5C E3 B9 5A 75 14 96 0B A9 7A DD E3
3F A9 EC AC
              :                   5E DC BD B7 13 11 34 A6 16 89 28 11
23 D9 34 86
              :                   67 75 75 13 12 3D 43 5B 6F E5 51 BF
FA 89 F2 A2
              :                   1B 3E 24 7D 3D 07 8D 5B 63 C8 BB 45
A5 A0 4A E3
              :                   85 D6 CE 06 80 3F E8 23 7E 1A F2 24
AB 53 1A B8
              :                   27 0D 1E EF 08 BF 66 14 80 5C 62 AC
65 FA 15 8B
              :                   F1 BB 34 D4 D2 96 37 F6 61 47 B2 C4
32 84 F0 7E
              :                   41 40 FD 46 A7 63 4E 33 F2 A5 E2 F4
F2 83 E5 B8
              :                   }
              :               }
   629 A3  131:             [3] {
   632 30  128:               SEQUENCE {
   635 30   32:                 SEQUENCE {
   637 06    3:                   OBJECT IDENTIFIER subjectAltName (2 5 29 17)
              :                     (X.509 id-ce (2 5 29))
   642 04   25:                   OCTET STRING, encapsulates {
   644 30   23:                       SEQUENCE {
   646 81   21:                         [1] 'aliceDss@examples.com'
              :                         }
              :                       }
              :                   }
   669 30   12:                 SEQUENCE {
   671 06    3:                   OBJECT IDENTIFIER basicConstraints (2 5 29 19)
              :                     (X.509 id-ce (2 5 29))
   676 01    1:                   BOOLEAN TRUE
   679 04    2:                   OCTET STRING, encapsulates {
   681 30    0:                       SEQUENCE {}
              :                       }
              :                   }
   683 30   14:                 SEQUENCE {
   685 06    3:                   OBJECT IDENTIFIER keyUsage (2 5 29 15)
              :                     (X.509 id-ce (2 5 29))
   690 01    1:                   BOOLEAN TRUE
   693 04    4:                   OCTET STRING, encapsulates {
   695 03    2:                       BIT STRING 6 unused bits
              :                         '11'B
              :                       }
              :                   }
   699 30   31:                 SEQUENCE {
   701 06    3:                   OBJECT IDENTIFIER
              :                     authorityKeyIdentifier (2 5 29 35)
              :                     (X.509 id-ce (2 5 29))
   706 04   24:                   OCTET STRING, encapsulates {
   708 30   22:                       SEQUENCE {
   710 80   20:                         [0]
              :                   70 44 3E 82 2E 6F 87 DE 4A D3 75 E3
3D 20 BC 43
              :                   2B 93 F1 1F
              :                         }
              :                       }
              :                   }
   732 30   29:                 SEQUENCE {
   734 06    3:                   OBJECT IDENTIFIER
              :                     subjectKeyIdentifier (2 5 29 14)
              :                     (X.509 id-ce (2 5 29))
   739 04   22:                   OCTET STRING
              :                   04 14 BE 6C A1 B3 E3 C1 F7 ED 43 70
A4 CE 13 01
              :                   E2 FD E3 97 FE CD
              :                   }
              :                 }
              :               }
              :             }
   763 30    9:           SEQUENCE {
   765 06    7:             OBJECT IDENTIFIER dsaWithSha1 (1 2 840 10040 4 3)
              :               (ANSI X9.57 algorithm)
              :             }
   774 03   48:           BIT STRING 0 unused bits, encapsulates {
   777 30   45:               SEQUENCE {
   779 02   21:                 INTEGER
              :                   00 98 B0 C6 3F CF 71 47 5A 35 A9 4A
8F C0 F8 24
              :                   05 E8 46 94 8E
   802 02   20:                 INTEGER
              :                   5B 9F 48 C0 8C A1 C1 02 9C 44 EA E9
A1 87 C1 A5
              :                   7F 28 2D BB
              :                 }
              :               }
              :           }
              :         }
   824 31  295:       SET {
   828 30  291:         SEQUENCE {
   832 02    1:           INTEGER 1
   835 30   24:           SEQUENCE {
   837 30   18:             SEQUENCE {
   839 31   16:               SET {
   841 30   14:                 SEQUENCE {
   843 06    3:                   OBJECT IDENTIFIER commonName (2 5 4 3)
              :                     (X.520 id-at (2 5 4))
   848 13    7:                   PrintableString 'CarlDSS'
              :                   }
              :                 }
              :               }
   857 02    2:             INTEGER 200
              :             }
   861 30    7:           SEQUENCE {
   863 06    5:             OBJECT IDENTIFIER sha1 (1 3 14 3 2 26)
              :               (OIW)
              :             }
   870 A0  190:           [0] {
   873 30   24:             SEQUENCE {
   875 06    9:               OBJECT IDENTIFIER
              :                 contentType (1 2 840 113549 1 9 3)
              :                 (PKCS #9 (1 2 840 113549 1 9))
   886 31   11:               SET {
   888 06    9:                 OBJECT IDENTIFIER data (1 2 840 113549 1 7 1)
              :                   (PKCS #7)
              :                 }
              :               }
   899 30   35:             SEQUENCE {
   901 06    9:               OBJECT IDENTIFIER
              :                 messageDigest (1 2 840 113549 1 9 4)
              :                 (PKCS #9 (1 2 840 113549 1 9))
   912 31   22:               SET {
   914 04   20:                 OCTET STRING
              :                   40 6A EC 08 52 79 BA 6E 16 02 2D 9E
06 29 C0 22
              :                   96 87 DD 48
              :                 }
              :               }
   936 30  125:             SEQUENCE {
   938 06   11:               OBJECT IDENTIFIER
              :                 id-aa-receiptRequest (1 2 840 113549 1 9 16 2 1)
              :                 (S/MIME Authenticated Attributes (1 2
840 113549 1 9 16 2))
   951 31  110:               SET {
   953 30  108:                 SEQUENCE {
   955 04   50:                   OCTET STRING
              :                   45 78 61 6D 70 6C 65 20 31 31 2E 31
20 28 41 6C
              :                   69 63 65 20 61 73 6B 73 20 66 6F 72
20 61 20 72
              :                   65 63 65 69 70 74 20 66 72 6F 6D 20
44 69 61 6E
              :                   65 29
1007 A1   23:                   [1] {
1009 30   21:                     SEQUENCE {
1011 A4   19:                       [4] {
1013 30   17:                         SEQUENCE {
1015 31   15:                           SET {
1017 30   13:                             SEQUENCE {
1019 06    3:                               OBJECT IDENTIFIER
              :                                 commonName (2 5 4 3)
              :                                 (X.520 id-at (2 5 4))
1024 13    6:                               PrintableString 'BobRSA'
              :                               }
              :                             }
              :                           }
              :                         }
              :                       }
              :                     }
1032 30   29:                   SEQUENCE {
1034 30   27:                     SEQUENCE {
1036 81   25:                       [1] 'robert.colestock@wang.com'
              :                       }
              :                     }
              :                   }
              :                 }
              :               }
              :             }
1063 30    9:           SEQUENCE {
1065 06    7:             OBJECT IDENTIFIER dsa (1 2 840 10040 4 1)
              :               (ANSI X9.57 algorithm)
              :             }
1074 04   47:           OCTET STRING, encapsulates {
1076 30   45:               SEQUENCE {
1078 02   20:                 INTEGER
              :                   6F 15 C9 61 96 0F 3B 4F FD CC 62 97
7C B1 F3 C2
              :                   9A 9F E4 74
1100 02   21:                 INTEGER
              :                   00 9F 8D 42 09 CA 34 E9 35 9B BB 80
CD B7 81 26
              :                   E4 E6 7E 23 A5
              :                 }
              :               }
              :           }
              :         }
              :       }
              :     }
              :   }

11.2 Receipt

Bob gives Alice a receipt for the message in 11.1 using RSA.

     0 30 1033: SEQUENCE {
     4 06    9:   OBJECT IDENTIFIER signedData (1 2 840 113549 1 7 2)
              :     (PKCS #7)
    15 A0 1018:   [0] {
    19 30 1014:     SEQUENCE {
    23 02    1:       INTEGER 3
    26 31    9:       SET {
    28 30    7:         SEQUENCE {
    30 06    5:           OBJECT IDENTIFIER sha1 (1 3 14 3 2 26)
              :             (OIW)
              :           }
              :         }
    37 30  134:       SEQUENCE {
    40 06   11:         OBJECT IDENTIFIER
              :           id-ct-receipt (1 2 840 113549 1 9 16 1 1)
              :           (S/MIME Content Types (1 2 840 113549 1 9 16 1))
    53 A0  119:         [0] {
    55 04  117:           OCTET STRING, encapsulates {
    57 30  115:               SEQUENCE {
    59 02    1:                 INTEGER 1
    62 06    9:                 OBJECT IDENTIFIER data (1 2 840 113549 1 7 1)
              :                   (PKCS #7)
    73 04   50:                 OCTET STRING
              :                   45 78 61 6D 70 6C 65 20 31 31 2E 31
20 28 41 6C
              :                   69 63 65 20 61 73 6B 73 20 66 6F 72
20 61 20 72
              :                   65 63 65 69 70 74 20 66 72 6F 6D 20
44 69 61 6E
              :                   65 29
   125 04   47:                 OCTET STRING, encapsulates {
   127 30   45:                     SEQUENCE {
   129 02   20:                       INTEGER
              :                   6F 15 C9 61 96 0F 3B 4F FD CC 62 97
7C B1 F3 C2
              :                   9A 9F E4 74
   151 02   21:                       INTEGER
              :                   00 9F 8D 42 09 CA 34 E9 35 9B BB 80
CD B7 81 26
              :                   E4 E6 7E 23 A5
              :                       }
              :                     }
              :                 }
              :               }
              :           }
              :         }
   174 A0  516:       [0] {
   178 30  512:         SEQUENCE {
   182 30  365:           SEQUENCE {
   186 A0    3:             [0] {
   188 02    1:               INTEGER 2
              :               }
   191 02   16:             INTEGER
              :               46 34 6B C7 80 00 56 BC 11 D3 6E 2E CD 5D 71 D0
   209 30    9:             SEQUENCE {
   211 06    5:               OBJECT IDENTIFIER
              :                 sha-1WithRSAEncryption (1 3 14 3 2 29)
              :                 (Oddball OIW OID)
   218 05    0:               NULL
              :               }
   220 30   18:             SEQUENCE {
   222 31   16:               SET {
   224 30   14:                 SEQUENCE {
   226 06    3:                   OBJECT IDENTIFIER commonName (2 5 4 3)
              :                     (X.520 id-at (2 5 4))
   231 13    7:                   PrintableString 'CarlRSA'
              :                   }
              :                 }
              :               }
   240 30   30:             SEQUENCE {
   242 17   13:               UTCTime '990919010902Z'
   257 17   13:               UTCTime '391231235959Z'
              :               }
   272 30   17:             SEQUENCE {
   274 31   15:               SET {
   276 30   13:                 SEQUENCE {
   278 06    3:                   OBJECT IDENTIFIER commonName (2 5 4 3)
              :                     (X.520 id-at (2 5 4))
   283 13    6:                   PrintableString 'BobRSA'
              :                   }
              :                 }
              :               }
   291 30  159:             SEQUENCE {
   294 30   13:               SEQUENCE {
   296 06    9:                 OBJECT IDENTIFIER
              :                   rsaEncryption (1 2 840 113549 1 1 1)
              :                   (PKCS #1)
   307 05    0:                 NULL
              :                 }
   309 03  141:               BIT STRING 0 unused bits, encapsulates {
   313 30  137:                   SEQUENCE {
   316 02  129:                     INTEGER
              :                   00 CA 5C E1 2E EC CF C1 3B 5D 10 1B
DF 54 35 71
              :                   99 0A 09 D8 3D E4 61 BF A0 BE 0A BE
11 A4 3C B5
              :                   38 41 41 48 04 E1 5B B1 17 1C 53 B5
F4 C5 15 D3
              :                   FE 0C FB 0C AC EA 80 18 36 03 7E 41
93 53 D7 40
              :                   74 49 DB D9 C6 AF FE D6 CA 0D CA 01
84 8F A1 E9
              :                   A3 00 21 27 51 D5 40 19 AA E3 C0 30
78 5B A0 B2
              :                   E6 C1 2D 24 36 CB AE 44 10 82 B0 DD
74 D7 F6 EB
              :                   51 27 B2 A7 B6 AD 78 CA A7 1B 59 51
18 EF 28 0C
              :                           [ Another 1 bytes skipped ]
   448 02    3:                     INTEGER 65537
              :                     }
              :                   }
              :               }
   453 A3   96:             [3] {
   455 30   94:               SEQUENCE {
   457 30   12:                 SEQUENCE {
   459 06    3:                   OBJECT IDENTIFIER basicConstraints (2 5 29 19)
              :                     (X.509 id-ce (2 5 29))
   464 01    1:                   BOOLEAN TRUE
   467 04    2:                   OCTET STRING, encapsulates {
   469 30    0:                       SEQUENCE {}
              :                       }
              :                   }
   471 30   14:                 SEQUENCE {
   473 06    3:                   OBJECT IDENTIFIER keyUsage (2 5 29 15)
              :                     (X.509 id-ce (2 5 29))
   478 01    1:                   BOOLEAN TRUE
   481 04    4:                   OCTET STRING, encapsulates {
   483 03    2:                       BIT STRING 5 unused bits
              :                         '100'B
              :                       }
              :                   }
   487 30   31:                 SEQUENCE {
   489 06    3:                   OBJECT IDENTIFIER
              :                     authorityKeyIdentifier (2 5 29 35)
              :                     (X.509 id-ce (2 5 29))
   494 04   24:                   OCTET STRING, encapsulates {
   496 30   22:                       SEQUENCE {
   498 80   20:                         [0]
              :                   E9 E0 90 27 AC 78 20 7A 9A D3 4C F2
42 37 4E 22
              :                   AE 9E 38 BB
              :                         }
              :                       }
              :                   }
   520 30   29:                 SEQUENCE {
   522 06    3:                   OBJECT IDENTIFIER
              :                     subjectKeyIdentifier (2 5 29 14)
              :                     (X.509 id-ce (2 5 29))
   527 04   22:                   OCTET STRING
              :                   04 14 E8 F4 B8 67 D8 B3 96 A4 2A F3
11 AA 29 D3
              :                   95 5A 86 16 B4 24
              :                   }
              :                 }
              :               }
              :             }
   551 30    9:           SEQUENCE {
   553 06    5:             OBJECT IDENTIFIER
              :               sha-1WithRSAEncryption (1 3 14 3 2 29)
              :               (Oddball OIW OID)
   560 05    0:             NULL
              :             }
   562 03  129:           BIT STRING 0 unused bits
              :             98 FA AF 7D 21 01 AA B3 88 BC F1 EF 12 5F 4D 58
              :             30 D8 8E 4E BC E1 2C B2 7E 68 57 8D 0C 43 5C D7
              :             1E 45 D1 F7 95 33 E2 A0 75 CA 13 C8 53 BC 33 26
              :             9B B3 C8 50 DF CD 84 6A 1B E8 48 C8 42 D0 81 63
              :             6C 33 19 BE 02 69 F6 16 31 7F D4 99 DF 80 7A F3
              :             3B F8 1B 29 7D 26 51 37 03 22 3F F6 15 3D 30 F3
              :             32 8A F1 AE 97 DE D7 F5 16 A9 A7 AD C7 15 AF 53
              :             3E A8 25 91 B2 C4 5F 4E 6A 15 57 47 50 BC B2 FA
              :           }
              :         }
   694 31  339:       SET {
   698 30  335:         SEQUENCE {
   702 02    1:           INTEGER 1
   705 30   38:           SEQUENCE {
   707 30   18:             SEQUENCE {
   709 31   16:               SET {
   711 30   14:                 SEQUENCE {
   713 06    3:                   OBJECT IDENTIFIER commonName (2 5 4 3)
              :                     (X.520 id-at (2 5 4))
   718 13    7:                   PrintableString 'CarlRSA'
              :                   }
              :                 }
              :               }
   727 02   16:             INTEGER
              :               46 34 6B C7 80 00 56 BC 11 D3 6E 2E CD 5D 71 D0
              :             }
   745 30    7:           SEQUENCE {
   747 06    5:             OBJECT IDENTIFIER sha1 (1 3 14 3 2 26)
              :               (OIW)
              :             }
   754 A0  136:           [0] {
   757 30   26:             SEQUENCE {
   759 06    9:               OBJECT IDENTIFIER
              :                 contentType (1 2 840 113549 1 9 3)
              :                 (PKCS #9 (1 2 840 113549 1 9))
   770 31   13:               SET {
   772 06   11:                 OBJECT IDENTIFIER
              :                   id-ct-receipt (1 2 840 113549 1 9 16 1 1)
              :                   (S/MIME Content Types (1 2 840 113549
1 9 16 1))
              :                 }
              :               }
   785 30   30:             SEQUENCE {
   787 06    9:               OBJECT IDENTIFIER
              :                 signingTime (1 2 840 113549 1 9 5)
              :                 (PKCS #9 (1 2 840 113549 1 9))
   798 31   17:               SET {
   800 18   15:                 GeneralizedTime '20000426190200Z'
              :                 }
              :               }
   817 30   35:             SEQUENCE {
   819 06    9:               OBJECT IDENTIFIER
              :                 messageDigest (1 2 840 113549 1 9 4)
              :                 (PKCS #9 (1 2 840 113549 1 9))
   830 31   22:               SET {
   832 04   20:                 OCTET STRING
              :                   93 C0 4A 4C 74 86 1B EC CF 75 DE 30
20 32 58 1D
              :                   D4 B8 E8 54
              :                 }
              :               }
   854 30   37:             SEQUENCE {
   856 06   11:               OBJECT IDENTIFIER
              :                 id-aa-msgSigDigest (1 2 840 113549 1 9 16 2 5)
              :                 (S/MIME Authenticated Attributes (1 2
840 113549 1 9 16 2))
   869 31   22:               SET {
   871 04   20:                 OCTET STRING
              :                   B6 C3 E5 76 8E 43 68 AD 26 FE 45 83
90 D1 00 5C
              :                   B0 69 1D 14
              :                 }
              :               }
              :             }
   893 30   11:           SEQUENCE {
   895 06    9:             OBJECT IDENTIFIER
              :               rsaEncryption (1 2 840 113549 1 1 1)
              :               (PKCS #1)
              :             }
   906 04  128:           OCTET STRING
              :             4A C5 89 EC 4C 91 B7 BA 31 BC 5C 35 6E B0 60 B5
              :             9E A2 DD B8 1E 2E 72 A3 67 51 46 BB 25 DE AE C7
              :             8B DA 65 FE 30 56 24 02 B0 1D 64 07 7E 28 1D F4
              :             E0 65 90 BE 39 B7 71 C5 D8 22 11 2C D6 5D 87 0E
              :             33 76 8F CC 2E 76 1D 53 1A D9 67 3A 1E A4 44 5B
              :             7B 7A CD 7F 94 73 C1 32 4D 6E 02 7A 94 C8 0F B2
              :             6F 11 87 C8 B5 4C 9F 9E 87 80 40 FA 00 85 0E 53
              :             E1 DE DF C7 7E 72 C9 BF 9E C5 AE 57 C7 F1 28 0A
              :           }
              :         }
              :       }
              :     }
              :   }

11.3 eSSSecurityLabel

Alice includes a security label in the message in 5.1.

     0 30 1103: SEQUENCE {
     4 06    9:   OBJECT IDENTIFIER signedData (1 2 840 113549 1 7 2)
              :     (PKCS #7)
    15 A0 1088:   [0] {
    19 30 1084:     SEQUENCE {
    23 02    1:       INTEGER 1
    26 31    9:       SET {
    28 30    7:         SEQUENCE {
    30 06    5:           OBJECT IDENTIFIER sha1 (1 3 14 3 2 26)
              :             (OIW)
              :           }
              :         }
    37 30   43:       SEQUENCE {
    39 06    9:         OBJECT IDENTIFIER data (1 2 840 113549 1 7 1)
              :           (PKCS #7)
    50 A0   30:         [0] {
    52 04   28:           OCTET STRING
              :             54 68 69 73 20 69 73 20 73 6F 6D 65 20 73 61 6D
              :             70 6C 65 20 63 6F 6E 74 65 6E 74 2E
              :           }
              :         }
    82 A0  738:       [0] {
    86 30  734:         SEQUENCE {
    90 30  669:           SEQUENCE {
    94 A0    3:             [0] {
    96 02    1:               INTEGER 2
              :               }
    99 02    2:             INTEGER 200
   103 30    9:             SEQUENCE {
   105 06    7:               OBJECT IDENTIFIER dsaWithSha1 (1 2 840 10040 4 3)
              :                 (ANSI X9.57 algorithm)
              :               }
   114 30   18:             SEQUENCE {
   116 31   16:               SET {
   118 30   14:                 SEQUENCE {
   120 06    3:                   OBJECT IDENTIFIER commonName (2 5 4 3)
              :                     (X.520 id-at (2 5 4))
   125 13    7:                   PrintableString 'CarlDSS'
              :                   }
              :                 }
              :               }
   134 30   30:             SEQUENCE {
   136 17   13:               UTCTime '990817011049Z'
   151 17   13:               UTCTime '391231235959Z'
              :               }
   166 30   19:             SEQUENCE {
   168 31   17:               SET {
   170 30   15:                 SEQUENCE {
   172 06    3:                   OBJECT IDENTIFIER commonName (2 5 4 3)
              :                     (X.520 id-at (2 5 4))
   177 13    8:                   PrintableString 'AliceDSS'
              :                   }
              :                 }
              :               }
   187 30  438:             SEQUENCE {
   191 30  299:               SEQUENCE {
   195 06    7:                 OBJECT IDENTIFIER dsa (1 2 840 10040 4 1)
              :                   (ANSI X9.57 algorithm)
   204 30  286:                 SEQUENCE {
   208 02  129:                   INTEGER
              :                   00 81 8D CD ED 83 EA 0A 9E 39 3E C2
48 28 A3 E4
              :                   47 93 DD 0E D7 A8 0E EC 53 C5 AB 84
08 4F FF 94
              :                   E1 73 48 7E 0C D6 F3 44 48 D1 FE 9F
AF A4 A1 89
              :                   2F E1 D9 30 C8 36 DE 3F 9B BF B7 4C
DC 5F 69 8A
              :                   E4 75 D0 37 0C 91 08 95 9B DE A7 5E
F9 FC F4 9F
              :                   2F DD 43 A8 8B 54 F1 3F B0 07 08 47
4D 5D 88 C3
              :                   C3 B5 B3 E3 55 08 75 D5 39 76 10 C4
78 BD FF 9D
              :                   B0 84 97 37 F2 E4 51 1B B5 E4 09 96
5C F3 7E 5B
              :                           [ Another 1 bytes skipped ]
   340 02   21:                   INTEGER
              :                   00 E2 47 A6 1A 45 66 B8 13 C6 DA 8F
B8 37 21 2B
              :                   62 8B F7 93 CD
   363 02  128:                   INTEGER
              :                   26 38 D0 14 89 32 AA 39 FB 3E 6D D9
4B 59 6A 4C
              :                   76 23 39 04 02 35 5C F2 CB 1A 30 C3
1E 50 5D DD
              :                   9B 59 E2 CD AA 05 3D 58 C0 7B A2 36
B8 6E 07 AF
              :                   7D 8A 42 25 A7 F4 75 CF 4A 08 5E 4B
3E 90 F8 6D
              :                   EA 9C C9 21 8A 3B 76 14 E9 CE 2E 5D
A3 07 CD 23
              :                   85 B8 2F 30 01 7C 6D 49 89 11 89 36
44 BD F8 C8
              :                   95 4A 53 56 B5 E2 F9 73 EC 1A 61 36
1F 11 7F C2
              :                   BD ED D1 50 FF 98 74 C2 D1 81 4A 60
39 BA 36 39
              :                   }
              :                 }
   494 03  132:               BIT STRING 0 unused bits, encapsulates {
   498 02  128:                   INTEGER
              :                   5C E3 B9 5A 75 14 96 0B A9 7A DD E3
3F A9 EC AC
              :                   5E DC BD B7 13 11 34 A6 16 89 28 11
23 D9 34 86
              :                   67 75 75 13 12 3D 43 5B 6F E5 51 BF
FA 89 F2 A2
              :                   1B 3E 24 7D 3D 07 8D 5B 63 C8 BB 45
A5 A0 4A E3
              :                   85 D6 CE 06 80 3F E8 23 7E 1A F2 24
AB 53 1A B8
              :                   27 0D 1E EF 08 BF 66 14 80 5C 62 AC
65 FA 15 8B
              :                   F1 BB 34 D4 D2 96 37 F6 61 47 B2 C4
32 84 F0 7E
              :                   41 40 FD 46 A7 63 4E 33 F2 A5 E2 F4
F2 83 E5 B8
              :                   }
              :               }
   629 A3  131:             [3] {
   632 30  128:               SEQUENCE {
   635 30   32:                 SEQUENCE {
   637 06    3:                   OBJECT IDENTIFIER subjectAltName (2 5 29 17)
              :                     (X.509 id-ce (2 5 29))
   642 04   25:                   OCTET STRING, encapsulates {
   644 30   23:                       SEQUENCE {
   646 81   21:                         [1] 'aliceDss@examples.com'
              :                         }
              :                       }
              :                   }
   669 30   12:                 SEQUENCE {
   671 06    3:                   OBJECT IDENTIFIER basicConstraints (2 5 29 19)
              :                     (X.509 id-ce (2 5 29))
   676 01    1:                   BOOLEAN TRUE
   679 04    2:                   OCTET STRING, encapsulates {
   681 30    0:                       SEQUENCE {}
              :                       }
              :                   }
   683 30   14:                 SEQUENCE {
   685 06    3:                   OBJECT IDENTIFIER keyUsage (2 5 29 15)
              :                     (X.509 id-ce (2 5 29))
   690 01    1:                   BOOLEAN TRUE
   693 04    4:                   OCTET STRING, encapsulates {
   695 03    2:                       BIT STRING 6 unused bits
              :                         '11'B
              :                       }
              :                   }
   699 30   31:                 SEQUENCE {
   701 06    3:                   OBJECT IDENTIFIER
              :                     authorityKeyIdentifier (2 5 29 35)
              :                     (X.509 id-ce (2 5 29))
   706 04   24:                   OCTET STRING, encapsulates {
   708 30   22:                       SEQUENCE {
   710 80   20:                         [0]
              :                   70 44 3E 82 2E 6F 87 DE 4A D3 75 E3
3D 20 BC 43
              :                   2B 93 F1 1F
              :                         }
              :                       }
              :                   }
   732 30   29:                 SEQUENCE {
   734 06    3:                   OBJECT IDENTIFIER
              :                     subjectKeyIdentifier (2 5 29 14)
              :                     (X.509 id-ce (2 5 29))
   739 04   22:                   OCTET STRING
              :                   04 14 BE 6C A1 B3 E3 C1 F7 ED 43 70
A4 CE 13 01
              :                   E2 FD E3 97 FE CD
              :                   }
              :                 }
              :               }
              :             }
   763 30    9:           SEQUENCE {
   765 06    7:             OBJECT IDENTIFIER dsaWithSha1 (1 2 840 10040 4 3)
              :               (ANSI X9.57 algorithm)
              :             }
   774 03   48:           BIT STRING 0 unused bits, encapsulates {
   777 30   45:               SEQUENCE {
   779 02   21:                 INTEGER
              :                   00 98 B0 C6 3F CF 71 47 5A 35 A9 4A
8F C0 F8 24
              :                   05 E8 46 94 8E
   802 02   20:                 INTEGER
              :                   5B 9F 48 C0 8C A1 C1 02 9C 44 EA E9
A1 87 C1 A5
              :                   7F 28 2D BB
              :                 }
              :               }
              :           }
              :         }
   824 31  279:       SET {
   828 30  275:         SEQUENCE {
   832 02    1:           INTEGER 1
   835 30   24:           SEQUENCE {
   837 30   18:             SEQUENCE {
   839 31   16:               SET {
   841 30   14:                 SEQUENCE {
   843 06    3:                   OBJECT IDENTIFIER commonName (2 5 4 3)
              :                     (X.520 id-at (2 5 4))
   848 13    7:                   PrintableString 'CarlDSS'
              :                   }
              :                 }
              :               }
   857 02    2:             INTEGER 200
              :             }
   861 30    7:           SEQUENCE {
   863 06    5:             OBJECT IDENTIFIER sha1 (1 3 14 3 2 26)
              :               (OIW)
              :             }
   870 A0  174:           [0] {
   873 30   24:             SEQUENCE {
   875 06    9:               OBJECT IDENTIFIER
              :                 contentType (1 2 840 113549 1 9 3)
              :                 (PKCS #9 (1 2 840 113549 1 9))
   886 31   11:               SET {
   888 06    9:                 OBJECT IDENTIFIER data (1 2 840 113549 1 7 1)
              :                   (PKCS #7)
              :                 }
              :               }
   899 30   35:             SEQUENCE {
   901 06    9:               OBJECT IDENTIFIER
              :                 messageDigest (1 2 840 113549 1 9 4)
              :                 (PKCS #9 (1 2 840 113549 1 9))
   912 31   22:               SET {
   914 04   20:                 OCTET STRING
              :                   40 6A EC 08 52 79 BA 6E 16 02 2D 9E
06 29 C0 22
              :                   96 87 DD 48
              :                 }
              :               }
   936 30  109:             SEQUENCE {
   938 06   11:               OBJECT IDENTIFIER
              :                 id-aa-securityLabel (1 2 840 113549 1 9 16 2 2)
              :                 (S/MIME Authenticated Attributes (1 2
840 113549 1 9 16 2))
   951 31   94:               SET {
   953 31   92:                 SET {
   955 02    1:                   INTEGER 1
   958 06    7:                   OBJECT IDENTIFIER '1 2 3 4 5 6 7 8'
   967 31   49:                   SET {
   969 30   47:                     SEQUENCE {
   971 80    8:                       [0]
              :                   2A 03 04 05 06 07 86 78
   981 A1   35:                       [1] {
   983 13   33:                         PrintableString 'THIS IS A TEST
SECURITY-CATEGORY.'
              :                         }
              :                       }
              :                     }
1018 13   27:                   PrintableString 'THIS IS A PRIVACY MARK TEST'
              :                   }
              :                 }
              :               }
              :             }
1047 30    9:           SEQUENCE {
1049 06    7:             OBJECT IDENTIFIER dsa (1 2 840 10040 4 1)
              :               (ANSI X9.57 algorithm)
              :             }
1058 04   47:           OCTET STRING, encapsulates {
1060 30   45:               SEQUENCE {
1062 02   20:                 INTEGER
              :                   00 DC 34 49 B3 5A 23 BB 46 0E D0 5A
6D 06 5B 4C
              :                   81 46 CB 73
1084 02   21:                 INTEGER
              :                   00 CC E2 3C D9 20 CD 87 96 33 5D D3
92 BF 14 EC
              :                   6A 3A 0D 25 EE
              :                 }
              :               }
              :           }
              :         }
              :       }
              :     }
              :   }

11.4 EquivalentLabels

Alice uses an EquivalentLabels in the message in 11.3.

     0 30 1341: SEQUENCE {
     4 06    9:   OBJECT IDENTIFIER signedData (1 2 840 113549 1 7 2)
              :     (PKCS #7)
    15 A0 1326:   [0] {
    19 30 1322:     SEQUENCE {
    23 02    1:       INTEGER 1
    26 31    9:       SET {
    28 30    7:         SEQUENCE {
    30 06    5:           OBJECT IDENTIFIER sha1 (1 3 14 3 2 26)
              :             (OIW)
              :           }
              :         }
    37 30   43:       SEQUENCE {
    39 06    9:         OBJECT IDENTIFIER data (1 2 840 113549 1 7 1)
              :           (PKCS #7)
    50 A0   30:         [0] {
    52 04   28:           OCTET STRING
              :             54 68 69 73 20 69 73 20 73 6F 6D 65 20 73 61 6D
              :             70 6C 65 20 63 6F 6E 74 65 6E 74 2E
              :           }
              :         }
    82 A0  738:       [0] {
    86 30  734:         SEQUENCE {
    90 30  669:           SEQUENCE {
    94 A0    3:             [0] {
    96 02    1:               INTEGER 2
              :               }
    99 02    2:             INTEGER 200
   103 30    9:             SEQUENCE {
   105 06    7:               OBJECT IDENTIFIER dsaWithSha1 (1 2 840 10040 4 3)
              :                 (ANSI X9.57 algorithm)
              :               }
   114 30   18:             SEQUENCE {
   116 31   16:               SET {
   118 30   14:                 SEQUENCE {
   120 06    3:                   OBJECT IDENTIFIER commonName (2 5 4 3)
              :                     (X.520 id-at (2 5 4))
   125 13    7:                   PrintableString 'CarlDSS'
              :                   }
              :                 }
              :               }
   134 30   30:             SEQUENCE {
   136 17   13:               UTCTime '990817011049Z'
   151 17   13:               UTCTime '391231235959Z'
              :               }
   166 30   19:             SEQUENCE {
   168 31   17:               SET {
   170 30   15:                 SEQUENCE {
   172 06    3:                   OBJECT IDENTIFIER commonName (2 5 4 3)
              :                     (X.520 id-at (2 5 4))
   177 13    8:                   PrintableString 'AliceDSS'
              :                   }
              :                 }
              :               }
   187 30  438:             SEQUENCE {
   191 30  299:               SEQUENCE {
   195 06    7:                 OBJECT IDENTIFIER dsa (1 2 840 10040 4 1)
              :                   (ANSI X9.57 algorithm)
   204 30  286:                 SEQUENCE {
   208 02  129:                   INTEGER
              :                   00 81 8D CD ED 83 EA 0A 9E 39 3E C2
48 28 A3 E4
              :                   47 93 DD 0E D7 A8 0E EC 53 C5 AB 84
08 4F FF 94
              :                   E1 73 48 7E 0C D6 F3 44 48 D1 FE 9F
AF A4 A1 89
              :                   2F E1 D9 30 C8 36 DE 3F 9B BF B7 4C
DC 5F 69 8A
              :                   E4 75 D0 37 0C 91 08 95 9B DE A7 5E
F9 FC F4 9F
              :                   2F DD 43 A8 8B 54 F1 3F B0 07 08 47
4D 5D 88 C3
              :                   C3 B5 B3 E3 55 08 75 D5 39 76 10 C4
78 BD FF 9D
              :                   B0 84 97 37 F2 E4 51 1B B5 E4 09 96
5C F3 7E 5B
              :                           [ Another 1 bytes skipped ]
   340 02   21:                   INTEGER
              :                   00 E2 47 A6 1A 45 66 B8 13 C6 DA 8F
B8 37 21 2B
              :                   62 8B F7 93 CD
   363 02  128:                   INTEGER
              :                   26 38 D0 14 89 32 AA 39 FB 3E 6D D9
4B 59 6A 4C
              :                   76 23 39 04 02 35 5C F2 CB 1A 30 C3
1E 50 5D DD
              :                   9B 59 E2 CD AA 05 3D 58 C0 7B A2 36
B8 6E 07 AF
              :                   7D 8A 42 25 A7 F4 75 CF 4A 08 5E 4B
3E 90 F8 6D
              :                   EA 9C C9 21 8A 3B 76 14 E9 CE 2E 5D
A3 07 CD 23
              :                   85 B8 2F 30 01 7C 6D 49 89 11 89 36
44 BD F8 C8
              :                   95 4A 53 56 B5 E2 F9 73 EC 1A 61 36
1F 11 7F C2
              :                   BD ED D1 50 FF 98 74 C2 D1 81 4A 60
39 BA 36 39
              :                   }
              :                 }
   494 03  132:               BIT STRING 0 unused bits, encapsulates {
   498 02  128:                   INTEGER
              :                   5C E3 B9 5A 75 14 96 0B A9 7A DD E3
3F A9 EC AC
              :                   5E DC BD B7 13 11 34 A6 16 89 28 11
23 D9 34 86
              :                   67 75 75 13 12 3D 43 5B 6F E5 51 BF
FA 89 F2 A2
              :                   1B 3E 24 7D 3D 07 8D 5B 63 C8 BB 45
A5 A0 4A E3
              :                   85 D6 CE 06 80 3F E8 23 7E 1A F2 24
AB 53 1A B8
              :                   27 0D 1E EF 08 BF 66 14 80 5C 62 AC
65 FA 15 8B
              :                   F1 BB 34 D4 D2 96 37 F6 61 47 B2 C4
32 84 F0 7E
              :                   41 40 FD 46 A7 63 4E 33 F2 A5 E2 F4
F2 83 E5 B8
              :                   }
              :               }
   629 A3  131:             [3] {
   632 30  128:               SEQUENCE {
   635 30   32:                 SEQUENCE {
   637 06    3:                   OBJECT IDENTIFIER subjectAltName (2 5 29 17)
              :                     (X.509 id-ce (2 5 29))
   642 04   25:                   OCTET STRING, encapsulates {
   644 30   23:                       SEQUENCE {
   646 81   21:                         [1] 'aliceDss@examples.com'
              :                         }
              :                       }
              :                   }
   669 30   12:                 SEQUENCE {
   671 06    3:                   OBJECT IDENTIFIER basicConstraints (2 5 29 19)
              :                     (X.509 id-ce (2 5 29))
   676 01    1:                   BOOLEAN TRUE
   679 04    2:                   OCTET STRING, encapsulates {
   681 30    0:                       SEQUENCE {}
              :                       }
              :                   }
   683 30   14:                 SEQUENCE {
   685 06    3:                   OBJECT IDENTIFIER keyUsage (2 5 29 15)
              :                     (X.509 id-ce (2 5 29))
   690 01    1:                   BOOLEAN TRUE
   693 04    4:                   OCTET STRING, encapsulates {
   695 03    2:                       BIT STRING 6 unused bits
              :                         '11'B
              :                       }
              :                   }
   699 30   31:                 SEQUENCE {
   701 06    3:                   OBJECT IDENTIFIER
              :                     authorityKeyIdentifier (2 5 29 35)
              :                     (X.509 id-ce (2 5 29))
   706 04   24:                   OCTET STRING, encapsulates {
   708 30   22:                       SEQUENCE {
   710 80   20:                         [0]
              :                   70 44 3E 82 2E 6F 87 DE 4A D3 75 E3
3D 20 BC 43
              :                   2B 93 F1 1F
              :                         }
              :                       }
              :                   }
   732 30   29:                 SEQUENCE {
   734 06    3:                   OBJECT IDENTIFIER
              :                     subjectKeyIdentifier (2 5 29 14)
              :                     (X.509 id-ce (2 5 29))
   739 04   22:                   OCTET STRING
              :                   04 14 BE 6C A1 B3 E3 C1 F7 ED 43 70
A4 CE 13 01
              :                   E2 FD E3 97 FE CD
              :                   }
              :                 }
              :               }
              :             }
   763 30    9:           SEQUENCE {
   765 06    7:             OBJECT IDENTIFIER dsaWithSha1 (1 2 840 10040 4 3)
              :               (ANSI X9.57 algorithm)
              :             }
   774 03   48:           BIT STRING 0 unused bits, encapsulates {
   777 30   45:               SEQUENCE {
   779 02   21:                 INTEGER
              :                   00 98 B0 C6 3F CF 71 47 5A 35 A9 4A
8F C0 F8 24
              :                   05 E8 46 94 8E
   802 02   20:                 INTEGER
              :                   5B 9F 48 C0 8C A1 C1 02 9C 44 EA E9
A1 87 C1 A5
              :                   7F 28 2D BB
              :                 }
              :               }
              :           }
              :         }
   824 31  517:       SET {
   828 30  513:         SEQUENCE {
   832 02    1:           INTEGER 1
   835 30   24:           SEQUENCE {
   837 30   18:             SEQUENCE {
   839 31   16:               SET {
   841 30   14:                 SEQUENCE {
   843 06    3:                   OBJECT IDENTIFIER commonName (2 5 4 3)
              :                     (X.520 id-at (2 5 4))
   848 13    7:                   PrintableString 'CarlDSS'
              :                   }
              :                 }
              :               }
   857 02    2:             INTEGER 200
              :             }
   861 30    7:           SEQUENCE {
   863 06    5:             OBJECT IDENTIFIER sha1 (1 3 14 3 2 26)
              :               (OIW)
              :             }
   870 A0  411:           [0] {
   874 30   24:             SEQUENCE {
   876 06    9:               OBJECT IDENTIFIER
              :                 contentType (1 2 840 113549 1 9 3)
              :                 (PKCS #9 (1 2 840 113549 1 9))
   887 31   11:               SET {
   889 06    9:                 OBJECT IDENTIFIER data (1 2 840 113549 1 7 1)
              :                   (PKCS #7)
              :                 }
              :               }
   900 30   35:             SEQUENCE {
   902 06    9:               OBJECT IDENTIFIER
              :                 messageDigest (1 2 840 113549 1 9 4)
              :                 (PKCS #9 (1 2 840 113549 1 9))
   913 31   22:               SET {
   915 04   20:                 OCTET STRING
              :                   40 6A EC 08 52 79 BA 6E 16 02 2D 9E
06 29 C0 22
              :                   96 87 DD 48
              :                 }
              :               }
   937 30  113:             SEQUENCE {
   939 06   11:               OBJECT IDENTIFIER
              :                 id-aa-securityLabel (1 2 840 113549 1 9 16 2 2)
              :                 (S/MIME Authenticated Attributes (1 2
840 113549 1 9 16 2))
   952 31   98:               SET {
   954 31   96:                 SET {
   956 02    1:                   INTEGER 1
   959 06    7:                   OBJECT IDENTIFIER '1 2 3 4 5 6 7 8'
   968 31   53:                   SET {
   970 30   51:                     SEQUENCE {
   972 80    8:                       [0]
              :                   2A 03 04 05 06 07 86 78
   982 A1   39:                       [1] {
   984 13   37:                         PrintableString 'BOB THIS IS A
TEST SECURITY-CATEGORY.'
              :                         }
              :                       }
              :                     }
1023 13   27:                   PrintableString 'THIS IS A PRIVACY MARK TEST'
              :                   }
              :                 }
              :               }
1052 30  230:             SEQUENCE {
1055 06   11:               OBJECT IDENTIFIER
              :                 id-aa-equivalentLabels (1 2 840 113549
1 9 16 2 9)
              :                 (S/MIME Authenticated Attributes (1 2
840 113549 1 9 16 2))
1068 31  214:               SET {
1071 30  211:                 SEQUENCE {
1074 31  100:                   SET {
1076 02    1:                     INTEGER 1
1079 06    7:                     OBJECT IDENTIFIER '1 2 3 4 5 6 7 8'
1088 31   53:                     SET {
1090 30   51:                       SEQUENCE {
1092 80    8:                         [0]
              :                   2A 03 04 05 06 07 86 78
1102 A1   39:                         [1] {
1104 13   37:                           PrintableString 'BOB THIS IS
A TEST SECURITY-CATEGORY.'
              :                           }
              :                         }
              :                       }
1143 13   31:                     PrintableString 'BOB THIS IS A
PRIVACY MARK TEST'
              :                     }
1176 31  107:                   SET {
1178 02    1:                     INTEGER 1
1181 06    7:                     OBJECT IDENTIFIER '1 2 3 4 5 6 7 9'
1190 31   53:                     SET {
1192 30   51:                       SEQUENCE {
1194 80    8:                         [0]
              :                   2A 03 04 05 06 07 86 78
1204 A1   39:                         [1] {
1206 13   37:                           PrintableString 'BOB THIS IS
A TEST SECURITY-CATEGORY.'
              :                           }
              :                         }
              :                       }
1245 13   38:                     PrintableString 'BOB THIS IS A
SECOND PRIVACY MARK TEST'
              :                     }
              :                   }
              :                 }
              :               }
              :             }
1285 30    9:           SEQUENCE {
1287 06    7:             OBJECT IDENTIFIER dsa (1 2 840 10040 4 1)
              :               (ANSI X9.57 algorithm)
              :             }
1296 04   47:           OCTET STRING, encapsulates {
1298 30   45:               SEQUENCE {
1300 02   21:                 INTEGER
              :                   00 9D 50 FA 7F 91 68 8D 44 11 41 2E
D4 51 5B A1
              :                   7D A4 B5 BD F7
1323 02   20:                 INTEGER
              :                   15 B6 E7 31 2E 7C F5 5B 1E 22 F0 3A
D1 92 92 E1
              :                   BE 31 A6 D9
              :                 }
              :               }
              :           }
              :         }
              :       }
              :     }
              :   }

11.5 mlExpansionHistory

The mailing list sends a message with a mlExpansionHistory attribute.

    0 30 1302: SEQUENCE {
    4 06    9:   OBJECT IDENTIFIER signedData (1 2 840 113549 1 7 2)
             :     (PKCS #7)
   15 A0 1287:   [0] {
   19 30 1283:     SEQUENCE {
   23 02    1:       INTEGER 1
   26 31    9:       SET {
   28 30    7:         SEQUENCE {
   30 06    5:           OBJECT IDENTIFIER sha1 (1 3 14 3 2 26)
             :             (OIW)
             :           }
             :         }
   37 30   43:       SEQUENCE {
   39 06    9:         OBJECT IDENTIFIER data (1 2 840 113549 1 7 1)
             :           (PKCS #7)
   50 A0   30:         [0] {
   52 04   28:           OCTET STRING
             :             54 68 69 73 20 69 73 20 73 6F 6D 65 20 73 61 6D
             :             70 6C 65 20 63 6F 6E 74 65 6E 74 2E
             :           }
             :         }
   82 31 1220:       SET {
   86 30 1216:         SEQUENCE {
   90 02    1:           INTEGER 1
   93 30   24:           SEQUENCE {
   95 30   18:             SEQUENCE {
   97 31   16:               SET {
   99 30   14:                 SEQUENCE {
  101 06    3:                   OBJECT IDENTIFIER commonName (2 5 4 3)
             :                     (X.520 id-at (2 5 4))
  106 13    7:                   PrintableString 'CarlDSS'
             :                   }
             :                 }
             :               }
  115 02    2:             INTEGER 200
             :             }
  119 30    7:           SEQUENCE {
  121 06    5:             OBJECT IDENTIFIER sha1 (1 3 14 3 2 26)
             :               (OIW)
             :             }
  128 A0 1115:           [0] {
  132 30   24:             SEQUENCE {
  134 06    9:               OBJECT IDENTIFIER
             :                 contentType (1 2 840 113549 1 9 3)
             :                 (PKCS #9 (1 2 840 113549 1 9))
  145 31   11:               SET {
  147 06    9:                 OBJECT IDENTIFIER data (1 2 840 113549 1 7 1)
             :                   (PKCS #7)
             :                 }
             :               }
  158 30   35:             SEQUENCE {
  160 06    9:               OBJECT IDENTIFIER
             :                 messageDigest (1 2 840 113549 1 9 4)
             :                 (PKCS #9 (1 2 840 113549 1 9))
  171 31   22:               SET {
  173 04   20:                 OCTET STRING
             :                   40 6A EC 08 52 79 BA 6E 16 02 2D 9E 06 29 C0 22
             :                   96 87 DD 48
             :                 }
             :               }
  195 30   56:             SEQUENCE {
  197 06    3:               OBJECT IDENTIFIER '1 2 5555'
  202 31   49:               SET {
  204 04   47:                 OCTET STRING
             :                   54 68 69 73 20 69 73 20 61 20 74 65 73 74 20 47
             :                   65 6E 65 72 61 6C 20 41 53 4E 20 41 74 74 72 69
             :                   62 75 74 65 2C 20 6E 75 6D 62 65 72 20 31 2E
             :                 }
             :               }
  253 30   58:             SEQUENCE {
  255 06   11:               OBJECT IDENTIFIER
             :                 id-aa-contentHint (1 2 840 113549 1 9 16 2 4)
             :                 (S/MIME Authenticated Attributes (1 2
840 113549 1 9 16 2))
  268 31   43:               SET {
  270 30   41:                 SEQUENCE {
  272 0C   32:                   UTF8String 'Content Hints Description Buffer'
  306 06    5:                   OBJECT IDENTIFIER '1 2 3 6 5 4'
             :                   }
             :                 }
             :               }
  313 30   74:             SEQUENCE {
  315 06    9:               OBJECT IDENTIFIER
             :                 sMIMECapabilities (1 2 840 113549 1 9 15)
             :                 (PKCS #9 (1 2 840 113549 1 9).  This
OID was formerly assigned as symmetricCapabilities, then reassigned
as SMIMECapabilities, then renamed to the current name)
  326 31   61:               SET {
  328 30   59:                 SEQUENCE {
  330 30    7:                   SEQUENCE {
  332 06    5:                     OBJECT IDENTIFIER '1 2 3 4 5 6'
             :                     }
  339 30   48:                   SEQUENCE {
  341 06    6:                     OBJECT IDENTIFIER '1 2 3 4 5 6 77'
  349 04   38:                     OCTET STRING
             :                   53 6D 69 6D 65 20 43 61 70 61 62 69 6C 69 74 69
             :                   65 73 20 70 61 72 61 6D 65 74 65 72 73 20 62 75
             :                   66 66 65 72 20 32
             :                     }
             :                   }
             :                 }
             :               }
  389 30  109:             SEQUENCE {
  391 06   11:               OBJECT IDENTIFIER
             :                 id-aa-securityLabel (1 2 840 113549 1 9 16 2 2)
             :                 (S/MIME Authenticated Attributes (1 2
840 113549 1 9 16 2))
  404 31   94:               SET {
  406 31   92:                 SET {
  408 02    1:                   INTEGER 1
  411 06    7:                   OBJECT IDENTIFIER '1 2 3 4 5 6 7 8'
  420 31   49:                   SET {
  422 30   47:                     SEQUENCE {
  424 80    8:                       [0]
             :                   2A 03 04 05 06 07 86 78
  434 A1   35:                       [1] {
  436 13   33:                         PrintableString 'THIS IS A TEST
SECURITY-CATEGORY.'
             :                         }
             :                       }
             :                     }
  471 13   27:                   PrintableString 'THIS IS A PRIVACY MARK TEST'
             :                   }
             :                 }
             :               }
  500 30  111:             SEQUENCE {
  502 06   11:               OBJECT IDENTIFIER
             :                 id-aa-contentReference (1 2 840 113549
1 9 16 2 10)
             :                 (S/MIME Authenticated Attributes (1 2
840 113549 1 9 16 2))
  515 31   96:               SET {
  517 30   94:                 SEQUENCE {
  519 06    5:                   OBJECT IDENTIFIER '1 2 3 4 5 6'
  526 04   43:                   OCTET STRING
             :                   43 6F 6E 74 65 6E 74 20 52 65 66 65 72 65 6E 63
             :                   65 20 43 6F 6E 74 65 6E 74 20 49 64 65 6E 74 69
             :                   66 69 65 72 20 42 75 66 66 65 72
  571 04   40:                   OCTET STRING
             :                   43 6F 6E 74 65 6E 74 20 52 65 66 65 72 65 6E 63
             :                   65 20 53 69 67 6E 61 74 75 72 65 20 56 61 6C 75
             :                   65 20 42 75 66 66 65 72
             :                   }
             :                 }
             :               }
  613 30  115:             SEQUENCE {
  615 06   11:               OBJECT IDENTIFIER '1 2 840 113549 1 9 16 2 11'
  628 31  100:               SET {
  630 A0   98:                 [0] {
  632 30   90:                   SEQUENCE {
  634 31   11:                     SET {
  636 30    9:                       SEQUENCE {
  638 06    3:                         OBJECT IDENTIFIER countryName (2 5 4 6)
             :                           (X.520 id-at (2 5 4))
  643 13    2:                         PrintableString 'US'
             :                         }
             :                       }
  647 31   22:                     SET {
  649 30   20:                       SEQUENCE {
  651 06    3:                         OBJECT IDENTIFIER
             :                           organizationName (2 5 4 10)
             :                           (X.520 id-at (2 5 4))
  656 13   13:                         PrintableString 'US Government'
             :                         }
             :                       }
  671 31   17:                     SET {
  673 30   15:                       SEQUENCE {
  675 06    3:                         OBJECT IDENTIFIER
             :                           organizationalUnitName (2 5 4 11)
             :                           (X.520 id-at (2 5 4))
  680 13    8:                         PrintableString 'VDA Site'
             :                         }
             :                       }
  690 31   12:                     SET {
  692 30   10:                       SEQUENCE {
  694 06    3:                         OBJECT IDENTIFIER
             :                           organizationalUnitName (2 5 4 11)
             :                           (X.520 id-at (2 5 4))
  699 13    3:                         PrintableString 'VDA'
             :                         }
             :                       }
  704 31   18:                     SET {
  706 30   16:                       SEQUENCE {
  708 06    3:                         OBJECT IDENTIFIER commonName (2 5 4 3)
             :                           (X.520 id-at (2 5 4))
  713 13    9:                         PrintableString 'Daisy RSA'
             :                         }
             :                       }
             :                     }
  724 02    4:                   INTEGER 173360179
             :                   }
             :                 }
             :               }
  730 30  252:             SEQUENCE {
  733 06   11:               OBJECT IDENTIFIER
             :                 id-aa-mlExpandHistory (1 2 840 113549 1 9 16 2 3)
             :                 (S/MIME Authenticated Attributes (1 2
840 113549 1 9 16 2))
  746 31  236:               SET {
  749 30  233:                 SEQUENCE {
  752 30  230:                   SEQUENCE {
  755 04    7:                     OCTET STRING
             :                   35 37 33 38 32 39 39
  764 18   15:                     GeneralizedTime '19990311104433Z'
  781 A1  201:                     [1] {
  784 30  198:                       SEQUENCE {
  787 A4   97:                         [4] {
  789 30   95:                           SEQUENCE {
  791 31   11:                             SET {
  793 30    9:                               SEQUENCE {
  795 06    3:                                 OBJECT IDENTIFIER
             :                                   countryName (2 5 4 6)
             :                                   (X.520 id-at (2 5 4))
  800 13    2:                                 PrintableString 'US'
             :                                 }
             :                               }
  804 31   22:                             SET {
  806 30   20:                               SEQUENCE {
  808 06    3:                                 OBJECT IDENTIFIER
             :                                   organizationName (2 5 4 10)
             :                                   (X.520 id-at (2 5 4))
  813 13   13:                                 PrintableString 'US Government'
             :                                 }
             :                               }
  828 31   17:                             SET {
  830 30   15:                               SEQUENCE {
  832 06    3:                                 OBJECT IDENTIFIER
             :
organizationalUnitName (2 5 4 11)
             :                                   (X.520 id-at (2 5 4))
  837 13    8:                                 PrintableString 'VDA Site'
             :                                 }
             :                               }
  847 31   12:                             SET {
  849 30   10:                               SEQUENCE {
  851 06    3:                                 OBJECT IDENTIFIER
             :
organizationalUnitName (2 5 4 11)
             :                                   (X.520 id-at (2 5 4))
  856 13    3:                                 PrintableString 'VDA'
             :                                 }
             :                               }
  861 31   23:                             SET {
  863 30   21:                               SEQUENCE {
  865 06    3:                                 OBJECT IDENTIFIER
             :                                   commonName (2 5 4 3)
             :                                   (X.520 id-at (2 5 4))
  870 13   14:                                 PrintableString 'Bugs Bunny DSA'
             :                                 }
             :                               }
             :                             }
             :                           }
  886 A4   97:                         [4] {
  888 30   95:                           SEQUENCE {
  890 31   11:                             SET {
  892 30    9:                               SEQUENCE {
  894 06    3:                                 OBJECT IDENTIFIER
             :                                   countryName (2 5 4 6)
             :                                   (X.520 id-at (2 5 4))
  899 13    2:                                 PrintableString 'US'
             :                                 }
             :                               }
  903 31   22:                             SET {
  905 30   20:                               SEQUENCE {
  907 06    3:                                 OBJECT IDENTIFIER
             :                                   organizationName (2 5 4 10)
             :                                   (X.520 id-at (2 5 4))
  912 13   13:                                 PrintableString 'US Government'
             :                                 }
             :                               }
  927 31   17:                             SET {
  929 30   15:                               SEQUENCE {
  931 06    3:                                 OBJECT IDENTIFIER
             :
organizationalUnitName (2 5 4 11)
             :                                   (X.520 id-at (2 5 4))
  936 13    8:                                 PrintableString 'VDA Site'
             :                                 }
             :                               }
  946 31   12:                             SET {
  948 30   10:                               SEQUENCE {
  950 06    3:                                 OBJECT IDENTIFIER
             :
organizationalUnitName (2 5 4 11)
             :                                   (X.520 id-at (2 5 4))
  955 13    3:                                 PrintableString 'VDA'
             :                                 }
             :                               }
  960 31   23:                             SET {
  962 30   21:                               SEQUENCE {
  964 06    3:                                 OBJECT IDENTIFIER
             :                                   commonName (2 5 4 3)
             :                                   (X.520 id-at (2 5 4))
  969 13   14:                                 PrintableString 'Elmer Fudd DSA'
             :                                 }
             :                               }
             :                             }
             :                           }
             :                         }
             :                       }
             :                     }
             :                   }
             :                 }
             :               }
  985 30  258:             SEQUENCE {
  989 06   11:               OBJECT IDENTIFIER
             :                 id-aa-equivalentLabels (1 2 840 113549
1 9 16 2 9)
             :                 (S/MIME Authenticated Attributes (1 2
840 113549 1 9 16 2))
1002 31  242:               SET {
1005 30  239:                 SEQUENCE {
1008 31  114:                   SET {
1010 02    1:                     INTEGER 1
1013 06    7:                     OBJECT IDENTIFIER '1 2 3 4 5 6 7 9'
1022 31   60:                     SET {
1024 30   58:                       SEQUENCE {
1026 80    8:                         [0]
             :                   2A 03 04 05 06 07 86 78
1036 A1   46:                         [1] {
1038 13   44:                           PrintableString
             :                   'EQUIVALENT THIS IS A TEST SECURITY-CATEGORY.'
             :                           }
             :                         }
             :                       }
1084 13   38:                     PrintableString 'EQUIVALENT THIS IS
A PRIVACY MARK TEST'
             :                     }
1124 31  121:                   SET {
1126 02    1:                     INTEGER 1
1129 06    7:                     OBJECT IDENTIFIER '1 2 3 4 5 6 7 10'
1138 31   60:                     SET {
1140 30   58:                       SEQUENCE {
1142 80    8:                         [0]
             :                   2A 03 04 05 06 07 86 78
1152 A1   46:                         [1] {
1154 13   44:                           PrintableString
             :                   'EQUIVALENT THIS IS A TEST SECURITY-CATEGORY.'
             :                           }
             :                         }
             :                       }
1200 13   45:                     PrintableString
             :                   'EQUIVALENT THIS IS A SECOND PRIVACY MARK TEST'
             :                     }
             :                   }
             :                 }
             :               }
             :             }
1247 30    9:           SEQUENCE {
1249 06    7:             OBJECT IDENTIFIER dsa (1 2 840 10040 4 1)
             :               (ANSI X9.57 algorithm)
             :             }
1258 04   46:           OCTET STRING, encapsulates {
1260 30   44:               SEQUENCE {
1262 02   20:                 INTEGER
             :                   25 2B 30 CB 42 AE 5D 65 FF A9 72 64 97 C0 54 21
             :                   06 E2 2E 0B
1284 02   20:                 INTEGER
             :                   07 61 A1 24 BE 73 94 5F 63 FD 92 0D 2E C2 35 7D
             :                   9B 7B 0E 27
             :                 }
             :               }
             :           }
             :         }
             :       }
             :     }
             :   }

11.6 SigningCertificate

Alice uses a SigningCertificate attribute in the message in 5.1.

     0 30 1110: SEQUENCE {
     4 06    9:   OBJECT IDENTIFIER signedData (1 2 840 113549 1 7 2)
              :     (PKCS #7)
    15 A0 1095:   [0] {
    19 30 1091:     SEQUENCE {
    23 02    1:       INTEGER 1
    26 31    9:       SET {
    28 30    7:         SEQUENCE {
    30 06    5:           OBJECT IDENTIFIER sha1 (1 3 14 3 2 26)
              :             (OIW)
              :           }
              :         }
    37 30   43:       SEQUENCE {
    39 06    9:         OBJECT IDENTIFIER data (1 2 840 113549 1 7 1)
              :           (PKCS #7)
    50 A0   30:         [0] {
    52 04   28:           OCTET STRING
              :             54 68 69 73 20 69 73 20 73 6F 6D 65 20 73 61 6D
              :             70 6C 65 20 63 6F 6E 74 65 6E 74 2E
              :           }
              :         }
    82 A0  738:       [0] {
    86 30  734:         SEQUENCE {
    90 30  669:           SEQUENCE {
    94 A0    3:             [0] {
    96 02    1:               INTEGER 2
              :               }
    99 02    2:             INTEGER 200
   103 30    9:             SEQUENCE {
   105 06    7:               OBJECT IDENTIFIER dsaWithSha1 (1 2 840 10040 4 3)
              :                 (ANSI X9.57 algorithm)
              :               }
   114 30   18:             SEQUENCE {
   116 31   16:               SET {
   118 30   14:                 SEQUENCE {
   120 06    3:                   OBJECT IDENTIFIER commonName (2 5 4 3)
              :                     (X.520 id-at (2 5 4))
   125 13    7:                   PrintableString 'CarlDSS'
              :                   }
              :                 }
              :               }
   134 30   30:             SEQUENCE {
   136 17   13:               UTCTime '990817011049Z'
   151 17   13:               UTCTime '391231235959Z'
              :               }
   166 30   19:             SEQUENCE {
   168 31   17:               SET {
   170 30   15:                 SEQUENCE {
   172 06    3:                   OBJECT IDENTIFIER commonName (2 5 4 3)
              :                     (X.520 id-at (2 5 4))
   177 13    8:                   PrintableString 'AliceDSS'
              :                   }
              :                 }
              :               }
   187 30  438:             SEQUENCE {
   191 30  299:               SEQUENCE {
   195 06    7:                 OBJECT IDENTIFIER dsa (1 2 840 10040 4 1)
              :                   (ANSI X9.57 algorithm)
   204 30  286:                 SEQUENCE {
   208 02  129:                   INTEGER
              :                   00 81 8D CD ED 83 EA 0A 9E 39 3E C2
48 28 A3 E4
              :                   47 93 DD 0E D7 A8 0E EC 53 C5 AB 84
08 4F FF 94
              :                   E1 73 48 7E 0C D6 F3 44 48 D1 FE 9F
AF A4 A1 89
              :                   2F E1 D9 30 C8 36 DE 3F 9B BF B7 4C
DC 5F 69 8A
              :                   E4 75 D0 37 0C 91 08 95 9B DE A7 5E
F9 FC F4 9F
              :                   2F DD 43 A8 8B 54 F1 3F B0 07 08 47
4D 5D 88 C3
              :                   C3 B5 B3 E3 55 08 75 D5 39 76 10 C4
78 BD FF 9D
              :                   B0 84 97 37 F2 E4 51 1B B5 E4 09 96
5C F3 7E 5B
              :                           [ Another 1 bytes skipped ]
   340 02   21:                   INTEGER
              :                   00 E2 47 A6 1A 45 66 B8 13 C6 DA 8F
B8 37 21 2B
              :                   62 8B F7 93 CD
   363 02  128:                   INTEGER
              :                   26 38 D0 14 89 32 AA 39 FB 3E 6D D9
4B 59 6A 4C
              :                   76 23 39 04 02 35 5C F2 CB 1A 30 C3
1E 50 5D DD
              :                   9B 59 E2 CD AA 05 3D 58 C0 7B A2 36
B8 6E 07 AF
              :                   7D 8A 42 25 A7 F4 75 CF 4A 08 5E 4B
3E 90 F8 6D
              :                   EA 9C C9 21 8A 3B 76 14 E9 CE 2E 5D
A3 07 CD 23
              :                   85 B8 2F 30 01 7C 6D 49 89 11 89 36
44 BD F8 C8
              :                   95 4A 53 56 B5 E2 F9 73 EC 1A 61 36
1F 11 7F C2
              :                   BD ED D1 50 FF 98 74 C2 D1 81 4A 60
39 BA 36 39
              :                   }
              :                 }
   494 03  132:               BIT STRING 0 unused bits, encapsulates {
   498 02  128:                   INTEGER
              :                   5C E3 B9 5A 75 14 96 0B A9 7A DD E3
3F A9 EC AC
              :                   5E DC BD B7 13 11 34 A6 16 89 28 11
23 D9 34 86
              :                   67 75 75 13 12 3D 43 5B 6F E5 51 BF
FA 89 F2 A2
              :                   1B 3E 24 7D 3D 07 8D 5B 63 C8 BB 45
A5 A0 4A E3
              :                   85 D6 CE 06 80 3F E8 23 7E 1A F2 24
AB 53 1A B8
              :                   27 0D 1E EF 08 BF 66 14 80 5C 62 AC
65 FA 15 8B
              :                   F1 BB 34 D4 D2 96 37 F6 61 47 B2 C4
32 84 F0 7E
              :                   41 40 FD 46 A7 63 4E 33 F2 A5 E2 F4
F2 83 E5 B8
              :                   }
              :               }
   629 A3  131:             [3] {
   632 30  128:               SEQUENCE {
   635 30   32:                 SEQUENCE {
   637 06    3:                   OBJECT IDENTIFIER subjectAltName (2 5 29 17)
              :                     (X.509 id-ce (2 5 29))
   642 04   25:                   OCTET STRING, encapsulates {
   644 30   23:                       SEQUENCE {
   646 81   21:                         [1] 'aliceDss@examples.com'
              :                         }
              :                       }
              :                   }
   669 30   12:                 SEQUENCE {
   671 06    3:                   OBJECT IDENTIFIER basicConstraints (2 5 29 19)
              :                     (X.509 id-ce (2 5 29))
   676 01    1:                   BOOLEAN TRUE
   679 04    2:                   OCTET STRING, encapsulates {
   681 30    0:                       SEQUENCE {}
              :                       }
              :                   }
   683 30   14:                 SEQUENCE {
   685 06    3:                   OBJECT IDENTIFIER keyUsage (2 5 29 15)
              :                     (X.509 id-ce (2 5 29))
   690 01    1:                   BOOLEAN TRUE
   693 04    4:                   OCTET STRING, encapsulates {
   695 03    2:                       BIT STRING 6 unused bits
              :                         '11'B
              :                       }
              :                   }
   699 30   31:                 SEQUENCE {
   701 06    3:                   OBJECT IDENTIFIER
              :                     authorityKeyIdentifier (2 5 29 35)
              :                     (X.509 id-ce (2 5 29))
   706 04   24:                   OCTET STRING, encapsulates {
   708 30   22:                       SEQUENCE {
   710 80   20:                         [0]
              :                   70 44 3E 82 2E 6F 87 DE 4A D3 75 E3
3D 20 BC 43
              :                   2B 93 F1 1F
              :                         }
              :                       }
              :                   }
   732 30   29:                 SEQUENCE {
   734 06    3:                   OBJECT IDENTIFIER
              :                     subjectKeyIdentifier (2 5 29 14)
              :                     (X.509 id-ce (2 5 29))
   739 04   22:                   OCTET STRING
              :                   04 14 BE 6C A1 B3 E3 C1 F7 ED 43 70
A4 CE 13 01
              :                   E2 FD E3 97 FE CD
              :                   }
              :                 }
              :               }
              :             }
   763 30    9:           SEQUENCE {
   765 06    7:             OBJECT IDENTIFIER dsaWithSha1 (1 2 840 10040 4 3)
              :               (ANSI X9.57 algorithm)
              :             }
   774 03   48:           BIT STRING 0 unused bits, encapsulates {
   777 30   45:               SEQUENCE {
   779 02   21:                 INTEGER
              :                   00 98 B0 C6 3F CF 71 47 5A 35 A9 4A
8F C0 F8 24
              :                   05 E8 46 94 8E
   802 02   20:                 INTEGER
              :                   5B 9F 48 C0 8C A1 C1 02 9C 44 EA E9
A1 87 C1 A5
              :                   7F 28 2D BB
              :                 }
              :               }
              :           }
              :         }
   824 31  286:       SET {
   828 30  282:         SEQUENCE {
   832 02    1:           INTEGER 1
   835 30   24:           SEQUENCE {
   837 30   18:             SEQUENCE {
   839 31   16:               SET {
   841 30   14:                 SEQUENCE {
   843 06    3:                   OBJECT IDENTIFIER commonName (2 5 4 3)
              :                     (X.520 id-at (2 5 4))
   848 13    7:                   PrintableString 'CarlDSS'
              :                   }
              :                 }
              :               }
   857 02    2:             INTEGER 200
              :             }
   861 30    7:           SEQUENCE {
   863 06    5:             OBJECT IDENTIFIER sha1 (1 3 14 3 2 26)
              :               (OIW)
              :             }
   870 A0  182:           [0] {
   873 30   24:             SEQUENCE {
   875 06    9:               OBJECT IDENTIFIER
              :                 contentType (1 2 840 113549 1 9 3)
              :                 (PKCS #9 (1 2 840 113549 1 9))
   886 31   11:               SET {
   888 06    9:                 OBJECT IDENTIFIER data (1 2 840 113549 1 7 1)
              :                   (PKCS #7)
              :                 }
              :               }
   899 30   35:             SEQUENCE {
   901 06    9:               OBJECT IDENTIFIER
              :                 messageDigest (1 2 840 113549 1 9 4)
              :                 (PKCS #9 (1 2 840 113549 1 9))
   912 31   22:               SET {
   914 04   20:                 OCTET STRING
              :                   40 6A EC 08 52 79 BA 6E 16 02 2D 9E
06 29 C0 22
              :                   96 87 DD 48
              :                 }
              :               }
   936 30  117:             SEQUENCE {
   938 06   11:               OBJECT IDENTIFIER '1 2 840 113549 1 9 16 2 12'
   951 31  102:               SET {
   953 30  100:                 SEQUENCE {
   955 30   48:                   SEQUENCE {
   957 30   46:                     SEQUENCE {
   959 04   44:                       OCTET STRING
              :                   54 48 49 53 20 49 53 20 41 20 53 49
47 4E 49 4E
              :                   47 20 43 45 52 54 49 46 49 43 41 54
45 20 41 54
              :                   54 52 49 42 55 54 45 20 54 45 53 54
              :                       }
              :                     }
1005 30   48:                   SEQUENCE {
1007 30   46:                     SEQUENCE {
1009 06    6:                       OBJECT IDENTIFIER '1 2 3 4 5 6 7'
1017 30   36:                       SEQUENCE {
1019 30   34:                         SEQUENCE {
1021 06    6:                           OBJECT IDENTIFIER '1 2 3 4 5 6 7'
1029 04   24:                           OCTET STRING
              :                   54 48 49 53 20 49 53 20 41 20 51 55
41 4C 49 46
              :                   49 45 52 20 54 45 53 54
              :                           }
              :                         }
              :                       }
              :                     }
              :                   }
              :                 }
              :               }
              :             }
1055 30    9:           SEQUENCE {
1057 06    7:             OBJECT IDENTIFIER dsa (1 2 840 10040 4 1)
              :               (ANSI X9.57 algorithm)
              :             }
1066 04   46:           OCTET STRING, encapsulates {
1068 30   44:               SEQUENCE {
1070 02   20:                 INTEGER
              :                   12 DE 7E A3 EA D0 95 FA 47 C6 75 93
5D 89 6A 0A
              :                   C5 B4 9E E3
1092 02   20:                 INTEGER
              :                   23 FB 30 41 4A 7B FF 3D 7B 0B ED 5A
33 FF 75 B5
              :                   A3 00 B5 8E
              :                 }
              :               }
              :           }
              :         }
              :       }
              :     }
              :   }

12. Security Considerations

Because this document shows examples of S/MIME, CMS, and ESS messages,
this document also inherits all of the security considerations from
[SMIME-MSG], [CMS], and [SMIME-ESS].

The Perl script in Appendix B writes to the user's local hard drive. A
malicious attacker could modify the Perl script in this document. Be
sure to read the Perl code carefully before executing it.

A. References

[CMS] Cryptographic Message Syntax, RFC 2630.

[DVCS] PKIX Data Validation and Certification Server Protocols,
RFC 3029.

[PKIX] PKIX Certificate and CRL Profile, RFC 2459.

[SMIME-MSG] S/MIME Version 3 Message Specification. RFC 2633.

[SMIME-ESS] Enhanced Security Services for S/MIME, RFC 2634.

B. Binaries of the Examples

This section contains the binaries of the examples shown in the rest of
the document. The binaries are stored in a modified Base64 format.
There is a Perl program that, when run over the contents of this
document, will extract the following binaries and write them out to
disk. The program works with Perl for Unix and Windows 95/98/NT (and
possibly Macintosh).

B.1 How the binaries and extractor works

The program in the next section looks for lines that begin with a '|'
character (or some whitespace followed by a '|'), ignoring all other
lines. If the line begins with '|', the second character tells what
kind of line it is:
     A line that begins with |* is a comment
     A line that begins with |> gives the name of a new file to start
     A line that begins with |< tells to end the file (and checks the
           file name for sanity)
     A line that begins with |anythingelse is a Base64 line

The program writes out a series of files, so you should run this in an
empty directory. The program will overwrite files (if it can), but won't
delete other files already in the directory.

Run this program with this document as the standard input, such as:
      extractsample <draft-ietf-smime-examples

If you want to extract without the program, copy all the lines between
the "|>" and "|<" markers, remove any page breaks, and remove the "|"
in the first column of each line. The result is a valid Base64 blob that
can be processed by any Base64 decoder.

B.2 Example extraction program

#!/usr/bin/perl

# CMS Samples extraction program. v 1.1

# Get all the input as an array of lines
@AllIn = (); while (<STDIN>) { push(@AllIn, $_) }

$Base64Chars = 'ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqr' .
      'stuvwxyz0123456789+/=';
$LineCount = 0; $CurrFile = '';

foreach $Line (@AllIn) {
      $LineCount++;  # Keep the line counter for error messages
      $Line =~ s/^\s*//;  # Get rid of leading whitespace
      chomp($Line);  # Get rid of CR or CRLF at the end of the line
      if(substr($Line, 0, 1) ne '|') { next }  # Not a special line
      elsif(substr($Line, 1, 1) eq '*') { next }  # It is a comment
      elsif(substr($Line, 1, 1) eq '>')
          { &StartNewFile(substr($Line, 2)) }  # Start a new file
      elsif(substr($Line, 1, 1) eq '<')
          { &EndCurrFile(substr($Line, 2)) }  # End the current file
      else { &DoBase64(substr($Line, 1)) }  # It is a line of Base64
}

sub StartNewFile {
      $TheNewFile = shift(@_);
      if($CurrFile ne '') { die "Was about to start a new file at " .
          "line $LineCount, but the old file, $CurrFile, was open\n" }
      open(OUT, ">$TheNewFile") or
          die "Could not open $TheNewFile for writing: $!\n";
      binmode(OUT);  # This is needed for Windows, is a noop on Unix
      $CurrFile = $TheNewFile;
      $LeftOver = 0;  # Amount left from previous Base64 character
      $NextPos = 0;  # Bit position to start the next Base64 character
                     #     (bits are numbered 01234567)
      $OutString = '';  # Holds the text going out to the file
}

sub EndCurrFile {
      $FileToEnd = shift(@_);
      if($CurrFile ne $FileToEnd) { die "Was about to close " .
          "$FileToEnd at line $LineCount, but that name didn't match " .
          "the name of the currently open file, $CurrFile\n" }
      print OUT $OutString;
      close(OUT);
      $CurrFile = '';
}

sub DoBase64 {
      $TheIn = shift(@_);
        if($CurrFile eq '') { die "Got some Base64 at line $LineCount, " .
                "but appear to not be writing to any particular file.\n" }
      @Chars = split(//, $TheIn);  # Make an array of the characters
      foreach $ThisChar (@Chars) {
                # $ThisVal is the position in the string and the Base64 value
          $ThisVal = index($Base64Chars, $ThisChar);
          if($ThisVal == -1) { die "At line $LineCount, found the " .
              "character $ThisChar, which is not a Base64 character\n" }
          if($ThisVal == 64) { last }  # It is a "=", so we're done
          if ($NextPos == 0 ) {
              # Don't output anything, just fill the left of $LeftOver
              $LeftOver = $ThisVal * 4;
              $NextPos = 6;
          } elsif ($NextPos == 2) {
                        # Add $ThisVal to $LeftOver, output, and reset
              $OutString .= chr($LeftOver + $ThisVal);
              $LeftOver = 0;
              $NextPos = 0;
          } elsif ($NextPos == 4) {
              # Add upper 4 bits of $ThisVal to $LeftOver and output
              $Upper4 = ($ThisVal & 60);
              $OutString .= chr($LeftOver + ($Upper4/4));
              $LeftOver = (($ThisVal - $Upper4) * 64);
              $NextPos = 2;
          } elsif ($NextPos == 6) {
              # Add upper 2 bits of $ThisVal to $LeftOver and output
              $Upper2 = ($ThisVal & 48);
              $OutString .= chr($LeftOver + ($Upper2/16));
              $LeftOver = (($ThisVal - $Upper2) * 16);
              $NextPos = 4;
          } else { die "\$NextPos has an illegal value: $NextPos." }
      }
}

C. Examples by section

Example from section 3.1 (content)

|* ExContent is just the message
|* Creator: [PH]
|>ExContent.bin
|VGhpcyBpcyBzb21lIHNhbXBsZSBjb250ZW50Lg==
|<ExContent.bin

Examples from section 3.2 (private keys)

|* AlicePrivDSSSign.pri
|* Creator: [JS]
|>AlicePrivDSSSign.pri
|MIIBSwIBADCCASsGByqGSM44BAEwggEeAoGBAIGNze2D6gqeOT7CSCij5EeT3Q7XqA7sU8
|WrhAhP/5Thc0h+DNbzREjR/p+vpKGJL+HZMMg23j+bv7dM3F9piuR10DcMkQiVm96nXvn8
|9J8v3UOoi1TxP7AHCEdNXYjDw7Wz41UIddU5dhDEeL3/nbCElzfy5FEbteQJllzzflvbAh
|UA4kemGkVmuBPG2o+4NyErYov3k80CgYAmONAUiTKqOfs+bdlLWWpMdiM5BAI1XPLLGjDD
|HlBd3ZtZ4s2qBT1YwHuiNrhuB699ikIlp/R1z0oIXks+kPht6pzJIYo7dhTpzi5dowfNI4
|W4LzABfG1JiRGJNkS9+MiVSlNWteL5c+waYTYfEX/Cve3RUP+YdMLRgUpgObo2OQQXAhUA
|u0RG0aXJRgcu0P561pIH8JqFiT8=
|<AlicePrivDSSSign.pri

|* AlicePrivRSASign.pri
|* Creator: [JS]
|>AlicePrivRSASign.pri
|MIICdgIBADANBgkqhkiG9w0BAQEFAASCAmAwggJcAgEAAoGBAOCJczmN2PX16Id2OX9OsA
|W7U4PeD7er3H3HdSkNBS5tEt+mhibU0m+qWCn8l+z6glEPMIC+sVCeRkTxLLvYMs/GaG8H
|2bBgrL7uNAlqE/X3BQWT3166NVbZYf8Zf8mB5vhs6odAcO+sbSx0ny36VTq5mXcCpkhSjE
|7zVzhXdFdfAgMBAAECgYAApAPDJ0d2NDRspoa1eUkBSy6K0shissfXSAlqi5H3NvJ11ujN
|FZBgJzFHNWRNlc1nY860n1asLzduHO4Ovygt9DmQbzTYbghb1WVq2EHzE9ctOV7+M8v/Ke
|QDCz0Foo+38Y6idjeweVfTLyvehwYifQRmXskbr4saw+yRRKt/IQJBAPbW4CIhTF8KcP8n
|/OWzUGqd5Q+1hZbGQPqoCrSbmwxVwgEd+TeCihTI8pMOks2lZiG5PNIGv7RVMcncrcqYLd
|ECQQDo3rARJQnSAlEB3oromFD1d3dhpEWTawhVlnNd9MhbEpMic4t/03B/9aSqu3T9PCJq
|2jiRKoZbbBTorkye+o4vAkEAl0zwh5sXf+4bgxsUtgtqkF+GJ1Hht6B/9eSI41m5+R6b0y
|l3OCJI1yKxJZi6PVlTt/oeILLIURYjdZNR56vN8QJALPAkW/qgzYUi6tBuT/pszSHTyOTx
|hERIZHPXKY9+RozsFd7kUbOU5yyZLVVleyTqo2IfPmxNZ0ERO+G+6YMCgwJAWIjZoVA4hG
|qrA7y730v0nG+4tCol+/bkBS9u4oiJIW9LJZ7Qq1CTyr9AcewhJcV/+wLpIZa4M83ixpXu
|b41fKA==
|<AlicePrivRSASign.pri

|* BobPrivDHEncrypt.pri
|* Creator: [JS]
|>BobPrivDHEncrypt.pri
|MIIBYwIBADCCATgGByqGSM4+AgEwggErAoGBAOwszaTvmiYvYqe7I03fKyXBaNKeqUVbNv
|GUiRqvfREknT25PCno1yOAM6aeRQK7qsyeKAWVoLMXdsH3JTVhAkGSJwxerkjl824475HR
|zzf+mkCXyC01np2TxvgVrz/adDq3xJO1ubt2bB+ofrw6qkMKgWT8Y/B7cZj6wDh5EBozAo
|GBALoL13Q95zTlTBOnlZa78eRhNwj7Esf7nJF3Bpk18EgkljMSAX6N7Av2ssBjpxXFXpWG
|onPFSUY3eWD9dwUJSJtwjTwF9s5ELH99GysV3fMFL76FII+N+bSgRXQr9DudQmI0JyeBjm
|8PXmKFicztIcORcAZU7nCoklVbbhkiTWKnAiEAw6tKMHmz05dOyvWifcdwo0Xzs6KGBdI+
|Sfmf2Qqzvr0EIgIgIPxngu7PSqbI5YPSjDuK0kUyEScybIbsZspxrfAZTfc=
|<BobPrivDHEncrypt.pri

|* BobPrivRSAEncrypt.pri
|* Creator: [JS]
|>BobPrivRSAEncrypt.pri
|MIIChQIBADANBgkqhkiG9w0BAQEFAASCAmAwggJcAgEAAoGBAKnhZ5g/OdVf8qCTQV6meY
|mFyDVdmpFb+x0B2hlwJhcPvaUi0DWFbXqYZhRBXM+3twg7CcmRuBlpN235ZR572akzJKN/
|O7uvRgGGNjQyywcDWVL8hYsxBLjMGAgUSOZPHPtdYMTgXB9T039T2GkB8QX4enDRvoPGXz
|jPHCyqaqfrAgMBAAECgYBnzUhMmg2PmMIbZf8ig5xt8KYGHbztpwOIlPIcaw+LNd4Ogngw
|y+e6alatd8brUXlweQqg9P5F4Kmy9Bnah5jWMIR05PxZbMHGd9ypkdB8MKCixQheIXFD/A
|0HPfD6bRSeTmPwF1h5HEuYHD09sBvf+iU7o8AsmAX2EAnYh9sDGQJBANDDIsbeopkYdo+N
|vKZ11mY/1I1FUox29XLE6/BGmvE+XKpVC5va3Wtt+Pw7PAhDk7Vb/s7q/WiEI2Kv8zHCue
|UCQQDQUfweIrdb7bWOAcjXq/JY1PeClPNTqBlFy2bKKBlf4hAr84/sajB0+E0R9KfEILVH
|IdxJAfkKICnwJAiEYH2PAkA0umTJSChXdNdVUN5qSO8bKlocSHseIVnDYDubl6nA7xhmqU
|5iUjiEzuUJiEiUacUgFJlaV/4jbOSnI3vQgLeFAkEAni+zN5r7CwZdV+EJBqRd2ZCWBgVf
|JAZAcpw6iIWchw+dYhKIFmioNRobQ+g4wJhprwMKSDIETukPj3d9NDAlBwJAVxhn1grSta
|vCunrnVNqcBU+B1O8BiR4yPWnLMcRSyFRVJQA7HCp8JlDV6abXd8vPFfXuC9WN7rOvTKF8
|Y0ZB9qANMAsGA1UdDzEEAwIAEA==
|<BobPrivRSAEncrypt.pri

|* CarlPrivDSSSign.pri
|* Creator: [JS]
|>CarlPrivDSSSign.pri
|MIIBSgIBADCCASsGByqGSM44BAEwggEeAoGBALZJGD6KRMEpcZRMAcQSwXp5y1RNqx6B+8
|ZMsw6UCQbrAdSxyHFLx0XAUCVdnPza5G3T4oZIhIJ9uhWVShb2Ru3d9pjSu36KCoq6Fnu5
|UAFIk4vrJRVRl1Xcj1MOEKlQ/HC3zTBU/dreqKoitaGvi8wCiOeLcF+5reEI1G0pLdbpAh
|UA3cEv31POCzRgdz4CpL+KXZi5ENUCgYAM7lebS73atgdqdDdPVX+d7bxhDetGWTxWCytb
|DJHOpWJSacrhbT69v/7ht7krYTyty65F4wasjCKdnESHC8fN8BzZtU5dc96vDskdWlH1T0
|R5NVpzqn9GUR+pQhacSOuKeWG01S9TIkRjH4a4o1gGJfgpwO+64HXwQsRjZVKbCgQWAhQZ
|szilIWIxUOV/uT4IRnjRPrXlcg==
|<CarlPrivDSSSign.pri

|* CarlPrivRSASign.pri
|* Creator: [JS]
|>CarlPrivRSASign.pri
|MIICdgIBADANBgkqhkiG9w0BAQEFAASCAmAwggJcAgEAAoGBAORL/xi4JFf0d/9uc3uTcV
|y8MxqSknIj2EFG0M0ROgSzjq+Cnb1RHhd68nYsK4Y5p73XjRpT7OQA1ejsojax7eJQ4jIJ
|ij+fmSWPuE6ruX3VlmXaFqDFvg6uRFvvXvSnKcuC3axE6aqTlCkO+BjWyFde8nbE8hFgOL
|kbPB2XyWrxAgMBAAECgYEArnPkW19bZlrJ18bvOF9TISovYv7eKZp6hmc2531ieHU9c6C8
|KQ7zj73Dycm2+LrWE5vDl3rKavC4hWVOD72nqPdUBkG969wgd5DfYZuab3Te6jvUnIdg7X
|aE8WowN9XgkBb4gEfDGWvtdXe6Su05tl0CRztfG8gcq8vo9SY/pIECQQD/3wmgVgtCUp7E
|TZOzsEm73ueBfSiZ0LFIugs54Rx7IhgztkD2v9yuHdChrQRxWmEKbjvOMNo2n2UlKbunDn
|8LAkEA5GloGF/5V9B8ZokPumMdcssgpIF2ZInNfdHCJ6kurHpWmoUH2TADowOrf4iSUCQB
|qhsHHyBMt8l7Vve2wn6rcwJAVzZsj4wEdmy21O4kRAD4gOKvQgGpDxSE+OcA4I+MJ6QtX6
|LlbbVjwK1E6XaRpxlJLkb4d4VLO4cE8K/S2FQmlQJAZKEPrFV0G70NYXsXA82w5qcZHYCv
|8UFI2Bq2iBSgLHrFdtQPDh96KrJuNwSrOUVzukaoD42CXyIUBc+io/N8gwJAJh4dHKGYK+
|TbOOhXbmtzGYhhOvp0SjaLR2hdUOsm4+p9m05lqa97q0sudlE9qNARq6PWqMAnNh1UC6qn
|0W2N+g==
|<CarlPrivRSASign.pri

|* DianePrivDHEncrypt.pri
|* Creator: [JS]
|>DianePrivDHEncrypt.pri
|MIIBYgIBADCCATcGByqGSM4+AgEwggEqAoGBAMpukcKwvahY8jEhdLsf5BC90JOifmHhPb
|ojBBbQZjm9O80FdEjxA3CV9AVjbS6/mrf/l/85u2PbTaRx2JSatPKKPZ+3XY3K4q+1D88F
|ZYJobkPS9ARfA4v5UPXIbAUmvL82D1zDUWpn6HUyZniRY+j+NOcZtnBseDg2gtI0NsLfAo
|GAbtZ2NkvkWQdXXxiaENIxXKYQsCaWQk18o6HTnqWAsh83EUl8ipnYVj+TUe1uVPtu27L8
|NMDnyh5YK9U9O9yucSHZO1a4p/ZNIlJfQbrVHoJpbN1wccxsO++EqXGLqTsqCfi9/ctRvC
|4uyj4wjPpUnn0NA+LfY2Jt81CCJ9zRmfcCIQCqBWX73U6oAvE0Oeej/H1GELhd8C7yxdFe
|onRM2g9OHwQiAiBYLomrVzR9PPWadct9mYoZLzx6poXJLxtaRwPjghbkmw==
|<DianePrivDHEncrypt.pri

|* DianePrivRSASignEncrypt.pri
|* Creator: [JS]
|>DianePrivRSASignEncrypt.pri
|MIICdwIBADANBgkqhkiG9w0BAQEFAASCAmEwggJdAgEAAoGBANb9uMBwxkwl7OrP6ny7om
|L68OYyOlP/sZJaF/Qg4ZkkggrQ9nz7RMqLJwbxfiYDqXadz+ygLHCW8oNC9tS3KAq7+L9K
|TBk/B9ugwWAet35n996xw2BJrEXX+MbvCDchk0fu8HM1crACxPMRw15H5Qq3g/HbdGlki0
|QdlV3NKMCFAgMBAAECgYA9vc3CDmEUW0vnv2AjBCvFazWllkUj/Gl9kzwP0yWWumJSQuKW
|z/5YgI/rsYy91A1l0Dp3RSSeDOuGgMOsIRFxROOyqKkurBfSo4QlY7W8Lx7d9iH/FSAkW/
|GAL9VBDjIk99RKMp65SdgZjj85jWK9gPwMJJKT5MPXBZFTu5a2QQJBAPO4P0rRlLCRYBNB
|kg2NRD93Hf+WI0QI1AtwyRqv6ZCU8rDVX08ZhVChkJGuvQV2UrMi2Kh8jlR/AHJPNnVoc7
|UCQQDh0ucRVwaucpUiFqoCtFrtTp2CEU+WPIbJEI1WezF1eWnndWg4AEsu0iYy3bHi4CxU
|gAp1utFmlhuwDqB+0ruRAkEAr7a82yJzQ0HstLVnqaGZ/O/Sjv0d++Upi/4K39TIXlclCl
|0r1AmgVlvFsWL8IL4ILeMHtaHns//EwKVfrBJcqQJBALmYQfwIUB9zYIoBonxSiiBa6iyJ
|2aUZ3ZTGG8MlwIJR5O4rmhncc+3pHSfU+GwD3asdCHu1rH/pgpvxiYpx22ECQAEHIZdfem
|Co/VpcB9+o3vfisTR9/OuRvbBzdMjEvj9YRTAGkLOsacyz9z98rMe4G2WhFjk5sON0fc/N
|xaxsv+U=
|<DianePrivRSASignEncrypt.pri

|* DianePrivDSSSign.pri
|* Creator: [JS]
|>DianePrivDSSSign.pri
|MIIBSwIBADCCASsGByqGSM44BAEwggEeAoGBALZJGD6KRMEpcZRMAcQSwXp5y1RNqx6B+8
|ZMsw6UCQbrAdSxyHFLx0XAUCVdnPza5G3T4oZIhIJ9uhWVShb2Ru3d9pjSu36KCoq6Fnu5
|UAFIk4vrJRVRl1Xcj1MOEKlQ/HC3zTBU/dreqKoitaGvi8wCiOeLcF+5reEI1G0pLdbpAh
|UA3cEv31POCzRgdz4CpL+KXZi5ENUCgYAM7lebS73atgdqdDdPVX+d7bxhDetGWTxWCytb
|DJHOpWJSacrhbT69v/7ht7krYTyty65F4wasjCKdnESHC8fN8BzZtU5dc96vDskdWlH1T0
|R5NVpzqn9GUR+pQhacSOuKeWG01S9TIkRjH4a4o1gGJfgpwO+64HXwQsRjZVKbCgQXAhUA
|lpX54MHgQS0yD4tCUpMq5h4OISk=
|<DianePrivDSSSign.pri

|* EricaPrivDHEncryptBobParam.pri
|* Creator: [JS]
|>EricaPrivDHEncryptBobParam.pri
|MIIBYwIBADCCATgGByqGSM4+AgEwggErAoGBAOwszaTvmiYvYqe7I03fKyXBaNKeqUVbNv
|GUiRqvfREknT25PCno1yOAM6aeRQK7qsyeKAWVoLMXdsH3JTVhAkGSJwxerkjl824475HR
|zzf+mkCXyC01np2TxvgVrz/adDq3xJO1ubt2bB+ofrw6qkMKgWT8Y/B7cZj6wDh5EBozAo
|GBALoL13Q95zTlTBOnlZa78eRhNwj7Esf7nJF3Bpk18EgkljMSAX6N7Av2ssBjpxXFXpWG
|onPFSUY3eWD9dwUJSJtwjTwF9s5ELH99GysV3fMFL76FII+N+bSgRXQr9DudQmI0JyeBjm
|8PXmKFicztIcORcAZU7nCoklVbbhkiTWKnAiEAw6tKMHmz05dOyvWifcdwo0Xzs6KGBdI+
|Sfmf2Qqzvr0EIgIgSGQR5BcBEubB05xwfXyml5W9yJUH989BEacTkfswPYw=
|<EricaPrivDHEncryptBobParam.pri

|* MailListTripleDES.bin
|* Creator: [JS]
|>MailListTripleDES.bin
|JV4NHAe2Rt+zE0zIQ7qKpx8CW3wIOCUf
|<MailListTripleDES.bin

|* MailListRc2.bin
|* Creator: [JS]
|>MailListRc2.bin
|tw0KJfvJ2GqGBQzg1xHq1Nk=
|<MailListRc2.bin

Examples from section 3.3 (certificates)

|* AliceDSSSignByCarlNoInherit.cer
|* Creator: [JS]
|>AliceDSSSignByCarlNoInherit.cer
|MIIC3jCCAp2gAwIBAgICAMgwCQYHKoZIzjgEAzASMRAwDgYDVQQDEwdDYXJsRFNTMB4XDT
|k5MDgxNzAxMTA0OVoXDTM5MTIzMTIzNTk1OVowEzERMA8GA1UEAxMIQWxpY2VEU1MwggG2
|MIIBKwYHKoZIzjgEATCCAR4CgYEAgY3N7YPqCp45PsJIKKPkR5PdDteoDuxTxauECE//lO
|FzSH4M1vNESNH+n6+koYkv4dkwyDbeP5u/t0zcX2mK5HXQNwyRCJWb3qde+fz0ny/dQ6iL
|VPE/sAcIR01diMPDtbPjVQh11Tl2EMR4vf+dsISXN/LkURu15AmWXPN+W9sCFQDiR6YaRW
|a4E8baj7g3IStii/eTzQKBgCY40BSJMqo5+z5t2UtZakx2IzkEAjVc8ssaMMMeUF3dm1ni
|zaoFPVjAe6I2uG4Hr32KQiWn9HXPSgheSz6Q+G3qnMkhijt2FOnOLl2jB80jhbgvMAF8bU
|mJEYk2RL34yJVKU1a14vlz7BphNh8Rf8K97dFQ/5h0wtGBSmA5ujY5A4GEAAKBgFzjuVp1
|FJYLqXrd4z+p7Kxe3L23ExE0phaJKBEj2TSGZ3V1ExI9Q1tv5VG/+onyohs+JH09B41bY8
|i7RaWgSuOF1s4GgD/oI34a8iSrUxq4Jw0e7wi/ZhSAXGKsZfoVi/G7NNTSljf2YUeyxDKE
|8H5BQP1Gp2NOM/Kl4vTyg+W4o4GDMIGAMCAGA1UdEQQZMBeBFWFsaWNlRHNzQGV4YW1wbG
|VzLmNvbTAMBgNVHRMBAf8EAjAAMA4GA1UdDwEB/wQEAwIGwDAfBgNVHSMEGDAWgBRwRD6C
|Lm+H3krTdeM9ILxDK5PxHzAdBgNVHQ4EFgQUvmyhs+PB9+1DcKTOEwHi/eOX/s0wCQYHKo
|ZIzjgEAwMwADAtAhUAmLDGP89xR1o1qUqPwPgkBehGlI4CFFufSMCMocECnETq6aGHwaV/
|KC27
|<AliceDSSSignByCarlNoInherit.cer

|* AliceRSASignByCarl.cer
|* Creator: [JS]
|>AliceRSASignByCarl.cer
|MIICAjCCAW+gAwIBAgIQRjRrx4AAVrwR024uxBCzsDAJBgUrDgMCHQUAMBIxEDAOBgNVBA
|MTB0NhcmxSU0EwHhcNOTkwOTE5MDEwODQ3WhcNMzkxMjMxMjM1OTU5WjATMREwDwYDVQQD
|EwhBbGljZVJTQTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEA4IlzOY3Y9fXoh3Y5f0
|6wBbtTg94Pt6vcfcd1KQ0FLm0S36aGJtTSb6pYKfyX7PqCUQ8wgL6xUJ5GRPEsu9gyz8Zo
|bwfZsGCsvu40CWoT9fcFBZPfXro1Vtlh/xl/yYHm+Gzqh0Bw76xtLHSfLfpVOrmZdwKmSF
|KMTvNXOFd0V18CAwEAAaNgMF4wDAYDVR0TAQH/BAIwADAOBgNVHQ8BAf8EBAMCBsAwHwYD
|VR0jBBgwFoAU6eCQJ6x4IHqa00zyQjdOIq6eOLswHQYDVR0OBBYEFHfStNG3TIqKo85Fnc
|7sPKA64/9QMAkGBSsOAwIdBQADgYEAvzQy5vxqiEF98FyZoZO3SbcCUh7LhKyT11grAKGc
|xEhImd0Cw8YF+NIl8aOcyTMBinYOb3dDo7/h5rNqBHk57uHp5Z1QB4si3BJQ4/O0PZ7lk5
|6xzTP54KuYcQn467D8nOzxiNiuA9H+YOFiFLGiI9LIjRgfXu6bcgInwoU9BC4=
|<AliceRSASignByCarl.cer

|* BobDHEncryptByCarl.cer
|* Creator: [JS]
|>BobDHEncryptByCarl.cer
|MIIDYjCCAyGgAwIBAgICAMkwCQYHKoZIzjgEAzASMRAwDgYDVQQDEwdDYXJsRFNTMB4XDT
|k5MDgxNzAxMTgyOFoXDTM5MTIzMTIzNTk1OVowEDEOMAwGA1UEAxMFYm9iREgwggJCMIIB
|twYHKoZIzj4CATCCAaoCgYEA7CzNpO+aJi9ip7sjTd8rJcFo0p6pRVs28ZSJGq99ESSdPb
|k8KejXI4Azpp5FAruqzJ4oBZWgsxd2wfclNWECQZInDF6uSOXzbjjvkdHPN/6aQJfILTWe
|nZPG+BWvP9p0OrfEk7W5u3ZsH6h+vDqqQwqBZPxj8HtxmPrAOHkQGjMCgYEAugvXdD3nNO
|VME6eVlrvx5GE3CPsSx/uckXcGmTXwSCSWMxIBfo3sC/aywGOnFcVelYaic8VJRjd5YP13
|BQlIm3CNPAX2zkQsf30bKxXd8wUvvoUgj435tKBFdCv0O51CYjQnJ4GObw9eYoWJzO0hw5
|FwBlTucKiSVVtuGSJNYqcCIQDDq0owebPTl07K9aJ9x3CjRfOzooYF0j5J+Z/ZCrO+vQJh
|ATT+wjNI6/Y7l9nkl6dgpSVpNPv9RirWycTF99b0BBmNlNmKN2hpZ1X78msOR8VbC0sOHB
|qLe3W3qsOq1+s72iqNAoc3R4PXMbQlqKy7EYhTHBGStmnnLpDBevyH9PbXGjAaAxUAuf8c
|k0RnN9Gy+FeaMkrJSv877B4CAR0DgYQAAoGAb9T2zZSabq9bVxeWdbsPuUjpkDcNFSDCVR
|4T4q5xF4TDDnSuilV/KH2L1yginHZG1ztPndFNG7LbUZTFbVSWQDiKOIFjSozDHgmJdKZY
|1chaPc+7uCN/nB99ePqe+ZCekedLwqS+RQZ4Qlg9n2Ms74TUZ+X7xm2iNilnkEbbTkijfz
|B9MB0GA1UdEQQWMBSBEmJvYkRoQGV4YW1wbGVzLmNvbTAMBgNVHRMBAf8EAjAAMA4GA1Ud
|DwEB/wQEAwIDCDAfBgNVHSMEGDAWgBRwRD6CLm+H3krTdeM9ILxDK5PxHzAdBgNVHQ4EFg
|QUJv8ZSMNZM2hWjX7IgGhczzxy3SYwCQYHKoZIzjgEAwMwADAtAhQV6hVD40kihsG75drk
|DrgJ4NVyNQIVAK5PUSlzcXWpgevtnV4AGX7w3lrW
|<BobDHEncryptByCarl.cer

|* BobRSASignByCarl.cer
|* Creator: [JP]
|>BobRSASignByCarl.cer
|MIICADCCAW2gAwIBAgIQRjRrx4AAVrwR024uzV1x0DAJBgUrDgMCHQUAMBIxEDAOBgNVBA
|MTB0NhcmxSU0EwHhcNOTkwOTE5MDEwOTAyWhcNMzkxMjMxMjM1OTU5WjARMQ8wDQYDVQQD
|EwZCb2JSU0EwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBAKnhZ5g/OdVf8qCTQV6meY
|mFyDVdmpFb+x0B2hlwJhcPvaUi0DWFbXqYZhRBXM+3twg7CcmRuBlpN235ZR572akzJKN/
|O7uvRgGGNjQyywcDWVL8hYsxBLjMGAgUSOZPHPtdYMTgXB9T039T2GkB8QX4enDRvoPGXz
|jPHCyqaqfrAgMBAAGjYDBeMAwGA1UdEwEB/wQCMAAwDgYDVR0PAQH/BAQDAgUgMB8GA1Ud
|IwQYMBaAFOngkCeseCB6mtNM8kI3TiKunji7MB0GA1UdDgQWBBTo9Lhn2LOWpCrzEaop05
|Vahha0JDAJBgUrDgMCHQUAA4GBAAkhajtiUN9iQV4SQAkUw7XkKC5Qd/pWZrOilrYKAa6m
|OOW9a+fyPm2wpe/Mh6yrJaS72uIagbe5FbNs2tET1Z8P1Ut6jVTYWtwHAdEFQQ0KYUeA8X
|UP+CIbUJIz/ggFUG17AwAD8S1L/iBixyB3BUIj26jHrd5xG9EqmYKmZet+
|<BobRSASignByCarl.cer

|* CarlDSSSelf.cer
|* Creator: [JS]
|>CarlDSSSelf.cer
|MIICmzCCAlqgAwIBAgIBATAJBgcqhkjOOAQDMBIxEDAOBgNVBAMTB0NhcmxEU1MwHhcNOT
|kwODE2MjI1MDUwWhcNMzkxMjMxMjM1OTU5WjASMRAwDgYDVQQDEwdDYXJsRFNTMIIBtzCC
|ASsGByqGSM44BAEwggEeAoGBALZJGD6KRMEpcZRMAcQSwXp5y1RNqx6B+8ZMsw6UCQbrAd
|SxyHFLx0XAUCVdnPza5G3T4oZIhIJ9uhWVShb2Ru3d9pjSu36KCoq6Fnu5UAFIk4vrJRVR
|l1Xcj1MOEKlQ/HC3zTBU/dreqKoitaGvi8wCiOeLcF+5reEI1G0pLdbpAhUA3cEv31POCz
|Rgdz4CpL+KXZi5ENUCgYAM7lebS73atgdqdDdPVX+d7bxhDetGWTxWCytbDJHOpWJSacrh
|bT69v/7ht7krYTyty65F4wasjCKdnESHC8fN8BzZtU5dc96vDskdWlH1T0R5NVpzqn9GUR
|+pQhacSOuKeWG01S9TIkRjH4a4o1gGJfgpwO+64HXwQsRjZVKbCgOBhQACgYEAmYd0JwNm
|oLHArdwsdbvhbESc2iFtTUdtsWIJ6diuHvI6tJSxo456m3FOAJTJtCVOuWCWGSQB82IM/n
|XA+87YaADj/dVwT98jlhkGlPSxYY86V7EIEaQLJiXwUnaB6gtiDZUq5oa6crKnUIMLqifN
|G6lNiZrXjRg5hD+LxVZNgHqjQjBAMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQDAg
|GGMB0GA1UdDgQWBBRwRD6CLm+H3krTdeM9ILxDK5PxHzAJBgcqhkjOOAQDAzAAMC0CFGup
|8E56Wnnj+b49K8kGN+kRF6ETAhUAjzRpKouxPAN5lDJNEh/OiftGsjs=
|<CarlDSSSelf.cer

|* CarlRSASelf.cer
|>CarlRSASelf.cer
|MIIB6zCCAVSgAwIBAgIQRjRrx4AAVrwR024un/JQIDANBgkqhkiG9w0BAQUFADASMRAwDg
|YDVQQDEwdDYXJsUlNBMB4XDTk5MDgxODA3MDAwMFoXDTM5MTIzMTIzNTk1OVowEjEQMA4G
|A1UEAxMHQ2FybFJTQTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEA5Ev/GLgkV/R3/2
|5ze5NxXLwzGpKSciPYQUbQzRE6BLOOr4KdvVEeF3rydiwrhjmnvdeNGlPs5ADV6OyiNrHt
|4lDiMgmKP5+ZJY+4Tqu5fdWWZdoWoMW+Dq5EW+9e9Kcpy4LdrETpqpOUKQ74GNbIV17yds
|TyEWA4uRs8HZfJavECAwEAAaNCMEAwDwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMC
|AYYwHQYDVR0OBBYEFOngkCeseCB6mtNM8kI3TiKunji7MA0GCSqGSIb3DQEBBQUAA4GBAL
|ee1ATT7Snk/4mJFS5M2wzwSA8yYe7EBOwSXS3/D2RZfgrD7Rj941ZAN6cHtfA4EmFQ7e/d
|P+MLuGGlpJs85p6cVJq2ldbabDu1LUU1nUkBdvq5uTH5+WsSU6D1FGCbfco+8lNrsDdvre
|Z019v6WuoUQWNdzb7IDsHaao1TNBgC
|<CarlRSASelf.cer

|* DianeDHEncryptByCarl.cer
|* Creator: [JS]
|>DianeDHEncryptByCarl.cer
|MIIDZTCCAyWgAwIBAgICANMwCQYHKoZIzjgEAzASMRAwDgYDVQQDEwdDYXJsRFNTMB4XDT
|k5MDgxNzAyMTY1N1oXDTM5MTIzMTIzNTk1OVowEjEQMA4GA1UEAxMHRGlhbmVESDCCAkEw
|ggG2BgcqhkjOPgIBMIIBqQKBgQDKbpHCsL2oWPIxIXS7H+QQvdCTon5h4T26IwQW0GY5vT
|vNBXRI8QNwlfQFY20uv5q3/5f/Obtj202kcdiUmrTyij2ft12NyuKvtQ/PBWWCaG5D0vQE
|XwOL+VD1yGwFJry/Ng9cw1FqZ+h1MmZ4kWPo/jTnGbZwbHg4NoLSNDbC3wKBgG7WdjZL5F
|kHV18YmhDSMVymELAmlkJNfKOh056lgLIfNxFJfIqZ2FY/k1HtblT7btuy/DTA58oeWCvV
|PTvcrnEh2TtWuKf2TSJSX0G61R6CaWzdcHHMbDvvhKlxi6k7Kgn4vf3LUbwuLso+MIz6VJ
|59DQPi32NibfNQgifc0Zn3AiEAqgVl+91OqALxNDnno/x9RhC4XfAu8sXRXqJ0TNoPTh8C
|YQEwzQOCzT8yOl8WXvITX1Ib3/+qOwY8f4EmHLcMoBQJG10m/XEzjPKsQX4NrDWVkH6lra
|tVUIDw0rkqEU12RXY/DDiuclnG7L3v525gI5O5JwJEfkrT2jk6mmNDPBsjxWIwGgMVAND9
|1uBGl9Gnf7v/mkPwYmSzfJerAgF6A4GEAAKBgGBebu9hVXc/nWoREPTTybhyoB+J3+S8If
|3kn1DWj475Z5cU4DQZjz1YUh7cXQVOT8aIhXisAWw1zoZtkEtYSC4PsuMqTkfDsU0qesm3
|5cZoinOuUyGzzwnEYqPosLvc3g0uZkg3qNuiS/vb+qaSS0EKxlQLixqdL/9gCwsI2UI/o4
|GBMH8wHwYDVR0RBBgwFoEUZGlhbmVEaEBleGFtcGxlcy5jb20wDAYDVR0TAQH/BAIwADAO
|BgNVHQ8BAf8EBAMCAwgwHwYDVR0jBBgwFoAUcEQ+gi5vh95K03XjPSC8QyuT8R8wHQYDVR
|0OBBYEFEfzT811fahSIahhNle1+Jru2zBGMAkGByqGSM44BAMDLwAwLAIUfWQeH0vz7G80
|LLLkZHCPPmrAcqICFEvqwQzxzfd6nXbKJ27QvvLYm2pt
|<DianeDHEncryptByCarl.cer

|* DianeDSSSignByCarlInherit.cer
|* Creator: [JS]
|>DianeDSSSignByCarlInherit.cer
|MIIBujCCAXmgAwIBAgICANIwCQYHKoZIzjgEAzASMRAwDgYDVQQDEwdDYXJsRFNTMB4XDT
|k5MDgxNzAyMDgxMFoXDTM5MTIzMTIzNTk1OVowEzERMA8GA1UEAxMIRGlhbmVEU1MwgZMw
|CQYHKoZIzjgEAQOBhQACgYEAoAAXeCzufoFTLi5hCA+hm1FSGtpZqHMvEiW2CMvK7ypEdo
|pSCeq9BSLVD/b9RtevmTgJDhPLTyzdHDT3HL8l/yPTO1nngpc3vjEk2BjI80k5W7fi5Sd+
|/IxFclt+Po9oTd1GeiK+jv/M2jkpoznln0PpVcnXW6aBZ8zAqs0uxSOjgYMwgYAwIAYDVR
|0RBBkwF4EVZGlhbmVEc3NAZXhhbXBsZXMuY29tMAwGA1UdEwEB/wQCMAAwDgYDVR0PAQH/
|BAQDAgbAMB8GA1UdIwQYMBaAFHBEPoIub4feStN14z0gvEMrk/EfMB0GA1UdDgQWBBRkMJ
|l9XNxFC5k6Ui8Wv1hQ3c4rGDAJBgcqhkjOOAQDAzAAMC0CFH4MDIEXtJpUssMw64rEPMJS
|Np6VAhUAxp8XwnFLrC45jT0QH5qzTbb5EaM=
|<DianeDSSSignByCarlInherit.cer

|* DianeRSASignEncryptByCarl.cer
|* Creator: [JS]
|>DianeRSASignByCarl.cer
|MIICCjCCAXOgAwIBAgIQRjRrx4AAVrwR024u1ZowkDANBgkqhkiG9w0BAQUFADASMRAwDg
|YDVQQDEwdDYXJsUlNBMB4XDTk5MDgxOTA3MDAwMFoXDTM5MTIzMTIzNTk1OVowEzERMA8G
|A1UEAxMIRGlhbmVSU0EwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBANb9uMBwxkwl7O
|rP6ny7omL68OYyOlP/sZJaF/Qg4ZkkggrQ9nz7RMqLJwbxfiYDqXadz+ygLHCW8oNC9tS3
|KAq7+L9KTBk/B9ugwWAet35n996xw2BJrEXX+MbvCDchk0fu8HM1crACxPMRw15H5Qq3g/
|HbdGlki0QdlV3NKMCFAgMBAAGjYDBeMAwGA1UdEwEB/wQCMAAwDgYDVR0PAQH/BAQDAgXg
|MB8GA1UdIwQYMBaAFOngkCeseCB6mtNM8kI3TiKunji7MB0GA1UdDgQWBBSM88t1Do0x9t
|Qp2kSSdbj+7U85DDANBgkqhkiG9w0BAQUFAAOBgQAds1GxmZbwRKjrFOr8wt+4M0sCPEHf
|41N/6jR//NURDQAEiLjtvCNFA27xU7LAOxli3Nzhiv6n/KXXl9slfPMwxWOnOEqrJSEkgM
|fYeIKMU+o+L2MQZtMnVZrc7zVe9iNx5v94e6lPe38uucRCc1dPqvgEtA3HU4jE8JIoM0RQ
|oQ==
|<DianeRSASignByCarl.cer

|* EricaDHEncryptByCarl.cer
|* Creator: [JS]
|>EricaDHEncryptByCarl.cer
|MIIC6TCCAqigAwIBAgICANQwCQYHKoZIzjgEAzASMRAwDgYDVQQDEwdDYXJsRFNTMB4XDT
|k5MDgxNzAyMTcxNloXDTM5MTIzMTIzNTk1OVowEjEQMA4GA1UEAxMHRXJpY2FESDCCAcQw
|ggE4BgcqhkjOPgIBMIIBKwKBgQDsLM2k75omL2KnuyNN3yslwWjSnqlFWzbxlIkar30RJJ
|09uTwp6NcjgDOmnkUCu6rMnigFlaCzF3bB9yU1YQJBkicMXq5I5fNuOO+R0c83/ppAl8gt
|NZ6dk8b4Fa8/2nQ6t8STtbm7dmwfqH68OqpDCoFk/GPwe3GY+sA4eRAaMwKBgQC6C9d0Pe
|c05UwTp5WWu/HkYTcI+xLH+5yRdwaZNfBIJJYzEgF+jewL9rLAY6cVxV6VhqJzxUlGN3lg
|/XcFCUibcI08BfbORCx/fRsrFd3zBS++hSCPjfm0oEV0K/Q7nUJiNCcngY5vD15ihYnM7S
|HDkXAGVO5wqJJVW24ZIk1ipwIhAMOrSjB5s9OXTsr1on3HcKNF87OihgXSPkn5n9kKs769
|A4GFAAKBgQDRK+QdProYz3Ugxsdew8Rs6vMj2QkfRpj0zlm5ts7oOsYY+Fl3G5mw2tzAnQ
|nkr/lhkSxHzEde3yszdvNn7HfoLDcwoYld88j2XBZK5LeM9XvVOP0UrOh6wn3uB5AnCnyH
|qKLicDXqbt6eUDFr6QnaJRoBjuP/Jhx19cPOWvWehaOBgTB/MB8GA1UdEQQYMBaBFGVyaW
|NhRGhAZXhhbXBsZXMuY29tMAwGA1UdEwEB/wQCMAAwDgYDVR0PAQH/BAQDAgMIMB8GA1Ud
|IwQYMBaAFHBEPoIub4feStN14z0gvEMrk/EfMB0GA1UdDgQWBBSNUx1hVX9gNW2mNqLFk/
|ia/cB1dDAJBgcqhkjOOAQDAzAAMC0CFD5RQgjjUi6qu4+9GDhxy5iDvkeeAhUAtLMVhZkR
|BkAfQFmN1BstzYHx6Gg=
|<EricaDHEncryptByCarl.cer

Examples from seciton 3.4 (CRLs)

|* CarlDSSCRLEmpty.crl
|* Creator: [JS]
|>CarlDSSCRLEmpty.crl
|MG0wLjAJBgcqhkjOOAQDMBIxEDAOBgNVBAMTB0NhcmxEU1MXDTk5MDgyMDA3MDAwMFowCQ
|YHKoZIzjgEAwMwADAtAhRiPzYXMVguZ1B59QlLjK3Ua/RknwIVALU7TqFMe/0Pw42btv7D
|XW/eZSh9
|<CarlDSSCRLEmpty.crl

|* CarlDSSCRLForAll.crl
|* Creator: [JS]
|>CarlDSSCRLForAll.crl
|MIHYMIGZMAkGByqGSM44BAMwEjEQMA4GA1UEAxMHQ2FybERTUxcNOTkwODI3MDcwMDAwWj
|BpMBMCAgDIFw05OTA4MjIwNzAwMDBaMBMCAgDJFw05OTA4MjIwNzAwMDBaMBMCAgDTFw05
|OTA4MjIwNzAwMDBaMBMCAgDSFw05OTA4MjIwNzAwMDBaMBMCAgDUFw05OTA4MjQwNzAwMD
|BaMAkGByqGSM44BAMDLwAwLAIUfmVSdjP+NHMX0feW+aDU2G1cfT0CFAJ6W7fVWxjBz4fv
|ftok8yqDnDWh
|<CarlDSSCRLForAll.crl

|* CarlDSSCRLForCarl.crl
|* Creator: [JS]
|>CarlDSSCRLForCarl.crl
|MIGDMEQwCQYHKoZIzjgEAzASMRAwDgYDVQQDEwdDYXJsRFNTFw05OTA4MjUwNzAwMDBaMB
|QwEgIBARcNOTkwODIyMDcwMDAwWjAJBgcqhkjOOAQDAzAAMC0CFQCzH8VPej3sdtVg+d55
|IuxPsJD+lwIUWovDhLxmhxu/eYJbCl0H9rqpBSk=
|<CarlDSSCRLForCarl.crl

|* CarlRSACRLEmpty.crl
|* Creator: [JS]
|>CarlRSACRLEmpty.crl
|MIHHMDIwDQYJKoZIhvcNAQEEBQAwEjEQMA4GA1UEAxMHQ2FybFJTQRcNOTkwODIwMDcwMD
|AwWjANBgkqhkiG9w0BAQQFAAOBgQCpxSG4E3x087UR7ATzIEWGHgtuf4NtX/Q0dgZZJQ4E
|PYgJiIE3xNwgmPoXgQs3lKy0j3tRiRSky3JzFAe8IpxAoQf8RHyFDwuI0e7hDq/2FnStoa
|/BAHUAZOqlmvYLCKLblRlfpqe5OUUlCg72XoTn+LlayRjCDriglr6BOoBtyQ==
|<CarlRSACRLEmpty.crl

|* CarlRSACRLForAll.crl
|* Creator: [JS]
|>CarlRSACRLForAll.crl
|MIIBMzCBnTANBgkqhkiG9w0BAQQFADASMRAwDgYDVQQDEwdDYXJsUlNBFw05OTA4MjcwNz
|AwMDBaMGkwIQIQRjRrx4AAVrwR024uxBCzsBcNOTkwODIyMDcwMDAwWjAhAhBGNGvHgABW
|vBHTbi7VmjCQFw05OTA4MjIwNzAwMDBaMCECEEY0a8eAAFa8EdNuLs1dcdAXDTk5MDgyND
|A3MDAwMFowDQYJKoZIhvcNAQEEBQADgYEAv7OXqlPwMiEWK3eSemu7l8jc6vH6ZhYwDrWe
|XPCB1F6zbsGIa4zUXsVN+0deZvNdq+W0GDZgqE2cPInsbye/NVBxgcK5RFtiiRkSMal7mt
|PMZssR2QsQR3etTyLZ5X8w8lv8lFGlWHY7H6hGph/2od5Voe0xiGmXDwjT1AxgWx4=
|<CarlRSACRLForAll.crl

|* CarlRSACRLForCarl.crl
|* Creator: [JS]
|>CarlRSACRLForCarl.crl
|MIHsMFcwDQYJKoZIhvcNAQEEBQAwEjEQMA4GA1UEAxMHQ2FybFJTQRcNOTkwODI1MDcwMD
|AwWjAjMCECEEY0a8eAAFa8EdNuLp/yUCAXDTk5MDgyMjA3MDAwMFowDQYJKoZIhvcNAQEE
|BQADgYEAIe8h1MEahZVJa8pFYtzXCf+pUS6O2UcY+vjlct1P7XR04/NlMmUoLJodV+XVJg
|bq1eYjlYSNDome7psML84H96PRa4VMD//m3fzczXMsHn3csHHFTPwBblJXaR45Y98SIjDH
|E1WUBW4qAKlbxCpmlGLONjPCK2NHJZ3z3nDuAFY=
|<CarlRSACRLForCarl.crl

Examples from the rest of the document, by section

|* Example from section 4.1
|* Creator: [JS]
|>4.1.bin
|MIAGCSqGSIb3DQEHAaCAJIAEBFRoaXMEGCBpcyBzb21lIHNhbXBsZSBjb250ZW50LgAAAA
|AAAA==
|<4.1.bin

|* Example from section 4.2
|* Creator: [JS]
|>4.2.bin
|MCsGCSqGSIb3DQEHAaAeBBxUaGlzIGlzIHNvbWUgc2FtcGxlIGNvbnRlbnQu
|<4.2.bin

|* Example from section 5.1
|* Creator: [JP]
|>5.1.bin
|MIIDmQYJKoZIhvcNAQcCoIIDijCCA4YCAQExCTAHBgUrDgMCGjArBgkqhkiG9w0BBwGgHg
|QcVGhpcyBpcyBzb21lIHNhbXBsZSBjb250ZW50LqCCAuIwggLeMIICnaADAgECAgIAyDAJ
|BgcqhkjOOAQDMBIxEDAOBgNVBAMTB0NhcmxEU1MwHhcNOTkwODE3MDExMDQ5WhcNMzkxMj
|MxMjM1OTU5WjATMREwDwYDVQQDEwhBbGljZURTUzCCAbYwggErBgcqhkjOOAQBMIIBHgKB
|gQCBjc3tg+oKnjk+wkgoo+RHk90O16gO7FPFq4QIT/+U4XNIfgzW80RI0f6fr6ShiS/h2T
|DINt4/m7+3TNxfaYrkddA3DJEIlZvep175/PSfL91DqItU8T+wBwhHTV2Iw8O1s+NVCHXV
|OXYQxHi9/52whJc38uRRG7XkCZZc835b2wIVAOJHphpFZrgTxtqPuDchK2KL95PNAoGAJj
|jQFIkyqjn7Pm3ZS1lqTHYjOQQCNVzyyxowwx5QXd2bWeLNqgU9WMB7oja4bgevfYpCJaf0
|dc9KCF5LPpD4beqcySGKO3YU6c4uXaMHzSOFuC8wAXxtSYkRiTZEvfjIlUpTVrXi+XPsGm
|E2HxF/wr3t0VD/mHTC0YFKYDm6NjkDgYQAAoGAXOO5WnUUlgupet3jP6nsrF7cvbcTETSm
|FokoESPZNIZndXUTEj1DW2/lUb/6ifKiGz4kfT0HjVtjyLtFpaBK44XWzgaAP+gjfhryJK
|tTGrgnDR7vCL9mFIBcYqxl+hWL8bs01NKWN/ZhR7LEMoTwfkFA/UanY04z8qXi9PKD5bij
|gYMwgYAwIAYDVR0RBBkwF4EVYWxpY2VEc3NAZXhhbXBsZXMuY29tMAwGA1UdEwEB/wQCMA
|AwDgYDVR0PAQH/BAQDAgbAMB8GA1UdIwQYMBaAFHBEPoIub4feStN14z0gvEMrk/EfMB0G
|A1UdDgQWBBS+bKGz48H37UNwpM4TAeL945f+zTAJBgcqhkjOOAQDAzAAMC0CFQCYsMY/z3
|FHWjWpSo/A+CQF6EaUjgIUW59IwIyhwQKcROrpoYfBpX8oLbsxYzBhAgEBMBgwEjEQMA4G
|A1UEAxMHQ2FybERTUwICAMgwBwYFKw4DAhowCQYHKoZIzjgEAwQuMCwCFEcZ4Q66GUuZDX
|DAwYJcQBpB4drDAhRUtCFV6bCO4SGMgGNh/SffxQNA8g==
|<5.1.bin

|* Example from section 5.2
|* Creator: [JS]
|>5.2.bin
|MIIDMAYJKoZIhvcNAQcCoIIDITCCAx0CAQExCzAJBgUrDgMCGgUAMCsGCSqGSIb3DQEHAa
|AeBBxUaGlzIGlzIHNvbWUgc2FtcGxlIGNvbnRlbnQuoIICDjCCAgowggFzoAMCAQICEEY0
|a8eAAFa8EdNuLsQQs7AwDQYJKoZIhvcNAQEFBQAwEjEQMA4GA1UEAxMHQ2FybFJTQTAeFw
|05OTA4MTkwNzAwMDBaFw0zOTEyMzEyMzU5NTlaMBMxETAPBgNVBAMTCEFsaWNlUlNBMIGf
|MA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDgiXM5jdj19eiHdjl/TrAFu1OD3g+3q9x9x3
|UpDQUubRLfpoYm1NJvqlgp/Jfs+oJRDzCAvrFQnkZE8Sy72DLPxmhvB9mwYKy+7jQJahP1
|9wUFk99eujVW2WH/GX/Jgeb4bOqHQHDvrG0sdJ8t+lU6uZl3AqZIUoxO81c4V3RXXwIDAQ
|ABo2AwXjAMBgNVHRMBAf8EAjAAMA4GA1UdDwEB/wQEAwIGwDAfBgNVHSMEGDAWgBTp4JAn
|rHggeprTTPJCN04irp44uzAdBgNVHQ4EFgQUd9K00bdMioqjzkWdzuw8oDrj/1AwDQYJKo
|ZIhvcNAQEFBQADgYEAUv+zi1QeCL/zbQwSCH2Oy25Z7FaTpkoiQF+LFHl+g0/1P94hlxZY
|cHYysiBRoxofl0iAXIOwuJMLA0Suv76kjAbGReKBCNWJWAwoGy2lixxK49dENNTLU/y6qY
|uqtumww6t08SrxsMY46ocCHhC7mcS+NsAIuhNlNz428zFCcxgxgcswgcgCAQEwJjASMRAw
|DgYDVQQDEwdDYXJsUlNBAhBGNGvHgABWvBHTbi7EELOwMAkGBSsOAwIaBQAwDQYJKoZIhv
|cNAQEBBQAEgYAvI4LS8wlfuAxY606dv4mageV1xJE909DVe7bV/pShiqzjxIT1zWBOJ5X2
|zwCGdnU/K/Dn1AJnp/XHjRYEpbO159ky8CTv5yBE1Z8HxVMk+s4BHQ8XE6cqlZ0r5AOVFA
|vpOQ26zm6cngzomOZVE9Rob9AH16KxYkzjj6/94NVdxw==
|<5.2.bin

|* Example from section 5.3
|* Creator: [JS]
|* Creator: [JP]
|>5.3.bin
|MIIDegYJKoZIhvcNAQcCoIIDazCCA2cCAQExCTAHBgUrDgMCGjALBgkqhkiG9w0BBwGggg
|LiMIIC3jCCAp2gAwIBAgICAMgwCQYHKoZIzjgEAzASMRAwDgYDVQQDEwdDYXJsRFNTMB4X
|DTk5MDgxNzAxMTA0OVoXDTM5MTIzMTIzNTk1OVowEzERMA8GA1UEAxMIQWxpY2VEU1Mwgg
|G2MIIBKwYHKoZIzjgEATCCAR4CgYEAgY3N7YPqCp45PsJIKKPkR5PdDteoDuxTxauECE//
|lOFzSH4M1vNESNH+n6+koYkv4dkwyDbeP5u/t0zcX2mK5HXQNwyRCJWb3qde+fz0ny/dQ6
|iLVPE/sAcIR01diMPDtbPjVQh11Tl2EMR4vf+dsISXN/LkURu15AmWXPN+W9sCFQDiR6Ya
|RWa4E8baj7g3IStii/eTzQKBgCY40BSJMqo5+z5t2UtZakx2IzkEAjVc8ssaMMMeUF3dm1
|nizaoFPVjAe6I2uG4Hr32KQiWn9HXPSgheSz6Q+G3qnMkhijt2FOnOLl2jB80jhbgvMAF8
|bUmJEYk2RL34yJVKU1a14vlz7BphNh8Rf8K97dFQ/5h0wtGBSmA5ujY5A4GEAAKBgFzjuV
|p1FJYLqXrd4z+p7Kxe3L23ExE0phaJKBEj2TSGZ3V1ExI9Q1tv5VG/+onyohs+JH09B41b
|Y8i7RaWgSuOF1s4GgD/oI34a8iSrUxq4Jw0e7wi/ZhSAXGKsZfoVi/G7NNTSljf2YUeyxD
|KE8H5BQP1Gp2NOM/Kl4vTyg+W4o4GDMIGAMCAGA1UdEQQZMBeBFWFsaWNlRHNzQGV4YW1w
|bGVzLmNvbTAMBgNVHRMBAf8EAjAAMA4GA1UdDwEB/wQEAwIGwDAfBgNVHSMEGDAWgBRwRD
|6CLm+H3krTdeM9ILxDK5PxHzAdBgNVHQ4EFgQUvmyhs+PB9+1DcKTOEwHi/eOX/s0wCQYH
|KoZIzjgEAwMwADAtAhUAmLDGP89xR1o1qUqPwPgkBehGlI4CFFufSMCMocECnETq6aGHwa
|V/KC27MWQwYgIBATAYMBIxEDAOBgNVBAMTB0NhcmxEU1MCAgDIMAcGBSsOAwIaMAkGByqG
|SM44BAMELzAtAhQijPnHgGw4iuPFpDIVUwJABh4yMQIVAICLWoZaCkuT1rXcJADnLSncp7
|za
|<5.3.bin

|* Example from section 5.4
|* Creator: [JP]
|>5.4.bin
|MIIKqQYJKoZIhvcNAQcCoIIKmjCCCpYCAQExCTAHBgUrDgMCGjArBgkqhkiG9w0BBwGgHg
|QcVGhpcyBpcyBzb21lIHNhbXBsZSBjb250ZW50LqCCB4cwggICMIIBb6ADAgECAhBGNGvH
|gABWvBHTbi7EELOwMAkGBSsOAwIdBQAwEjEQMA4GA1UEAxMHQ2FybFJTQTAeFw05OTA5MT
|kwMTA4NDdaFw0zOTEyMzEyMzU5NTlaMBMxETAPBgNVBAMTCEFsaWNlUlNBMIGfMA0GCSqG
|SIb3DQEBAQUAA4GNADCBiQKBgQDgiXM5jdj19eiHdjl/TrAFu1OD3g+3q9x9x3UpDQUubR
|LfpoYm1NJvqlgp/Jfs+oJRDzCAvrFQnkZE8Sy72DLPxmhvB9mwYKy+7jQJahP19wUFk99e
|ujVW2WH/GX/Jgeb4bOqHQHDvrG0sdJ8t+lU6uZl3AqZIUoxO81c4V3RXXwIDAQABo2AwXj
|AMBgNVHRMBAf8EAjAAMA4GA1UdDwEB/wQEAwIGwDAfBgNVHSMEGDAWgBTp4JAnrHggeprT
|TPJCN04irp44uzAdBgNVHQ4EFgQUd9K00bdMioqjzkWdzuw8oDrj/1AwCQYFKw4DAh0FAA
|OBgQC/NDLm/GqIQX3wXJmhk7dJtwJSHsuErJPXWCsAoZzESEiZ3QLDxgX40iXxo5zJMwGK
|dg5vd0Ojv+Hms2oEeTnu4enlnVAHiyLcElDj87Q9nuWTnrHNM/ngq5hxCfjrsPyc7PGI2K
|4D0f5g4WIUsaIj0siNGB9e7ptyAifChT0ELjCCApswggJaoAMCAQICAQEwCQYHKoZIzjgE
|AzASMRAwDgYDVQQDEwdDYXJsRFNTMB4XDTk5MDgxNjIyNTA1MFoXDTM5MTIzMTIzNTk1OV
|owEjEQMA4GA1UEAxMHQ2FybERTUzCCAbcwggErBgcqhkjOOAQBMIIBHgKBgQC2SRg+ikTB
|KXGUTAHEEsF6ectUTasegfvGTLMOlAkG6wHUschxS8dFwFAlXZz82uRt0+KGSISCfboVlU
|oW9kbt3faY0rt+igqKuhZ7uVABSJOL6yUVUZdV3I9TDhCpUPxwt80wVP3a3qiqIrWhr4vM
|Aojni3Bfua3hCNRtKS3W6QIVAN3BL99Tzgs0YHc+AqS/il2YuRDVAoGADO5Xm0u92rYHan
|Q3T1V/ne28YQ3rRlk8VgsrWwyRzqViUmnK4W0+vb/+4be5K2E8rcuuReMGrIwinZxEhwvH
|zfAc2bVOXXPerw7JHVpR9U9EeTVac6p/RlEfqUIWnEjrinlhtNUvUyJEYx+GuKNYBiX4Kc
|DvuuB18ELEY2VSmwoDgYUAAoGBAJmHdCcDZqCxwK3cLHW74WxEnNohbU1HbbFiCenYrh7y
|OrSUsaOOeptxTgCUybQlTrlglhkkAfNiDP51wPvO2GgA4/3VcE/fI5YZBpT0sWGPOlexCB
|GkCyYl8FJ2geoLYg2VKuaGunKyp1CDC6onzRupTYma140YOYQ/i8VWTYB6o0IwQDAPBgNV
|HRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIBhjAdBgNVHQ4EFgQUcEQ+gi5vh95K03XjPS
|C8QyuT8R8wCQYHKoZIzjgEAwMwADAtAhRrqfBOelp54/m+PSvJBjfpERehEwIVAI80aSqL
|sTwDeZQyTRIfzon7RrI7MIIC3jCCAp2gAwIBAgICAMgwCQYHKoZIzjgEAzASMRAwDgYDVQ
|QDEwdDYXJsRFNTMB4XDTk5MDgxNzAxMTA0OVoXDTM5MTIzMTIzNTk1OVowEzERMA8GA1UE
|AxMIQWxpY2VEU1MwggG2MIIBKwYHKoZIzjgEATCCAR4CgYEAgY3N7YPqCp45PsJIKKPkR5
|PdDteoDuxTxauECE//lOFzSH4M1vNESNH+n6+koYkv4dkwyDbeP5u/t0zcX2mK5HXQNwyR
|CJWb3qde+fz0ny/dQ6iLVPE/sAcIR01diMPDtbPjVQh11Tl2EMR4vf+dsISXN/LkURu15A
|mWXPN+W9sCFQDiR6YaRWa4E8baj7g3IStii/eTzQKBgCY40BSJMqo5+z5t2UtZakx2IzkE
|AjVc8ssaMMMeUF3dm1nizaoFPVjAe6I2uG4Hr32KQiWn9HXPSgheSz6Q+G3qnMkhijt2FO
|nOLl2jB80jhbgvMAF8bUmJEYk2RL34yJVKU1a14vlz7BphNh8Rf8K97dFQ/5h0wtGBSmA5
|ujY5A4GEAAKBgFzjuVp1FJYLqXrd4z+p7Kxe3L23ExE0phaJKBEj2TSGZ3V1ExI9Q1tv5V
|G/+onyohs+JH09B41bY8i7RaWgSuOF1s4GgD/oI34a8iSrUxq4Jw0e7wi/ZhSAXGKsZfoV
|i/G7NNTSljf2YUeyxDKE8H5BQP1Gp2NOM/Kl4vTyg+W4o4GDMIGAMCAGA1UdEQQZMBeBFW
|FsaWNlRHNzQGV4YW1wbGVzLmNvbTAMBgNVHRMBAf8EAjAAMA4GA1UdDwEB/wQEAwIGwDAf
|BgNVHSMEGDAWgBRwRD6CLm+H3krTdeM9ILxDK5PxHzAdBgNVHQ4EFgQUvmyhs+PB9+1DcK
|TOEwHi/eOX/s0wCQYHKoZIzjgEAwMwADAtAhUAmLDGP89xR1o1qUqPwPgkBehGlI4CFFuf
|SMCMocECnETq6aGHwaV/KC27oYHbMIHYMIGZMAkGByqGSM44BAMwEjEQMA4GA1UEAxMHQ2
|FybERTUxcNOTkwODI3MDcwMDAwWjBpMBMCAgDIFw05OTA4MjIwNzAwMDBaMBMCAgDJFw05
|OTA4MjIwNzAwMDBaMBMCAgDTFw05OTA4MjIwNzAwMDBaMBMCAgDSFw05OTA4MjIwNzAwMD
|BaMBMCAgDUFw05OTA4MjQwNzAwMDBaMAkGByqGSM44BAMDLwAwLAIUfmVSdjP+NHMX0feW
|+aDU2G1cfT0CFAJ6W7fVWxjBz4fvftok8yqDnDWhMYIB7jCCAeoCAQEwGDASMRAwDgYDVQ
|QDEwdDYXJsRFNTAgIAyDAHBgUrDgMCGqBfMBgGCSqGSIb3DQEJAzELBgkqhkiG9w0BBwEw
|HgYJKoZIhvcNAQkFMREYDzIwMDEwNDA2MTkyNDAwWjAjBgkqhkiG9w0BCQQxFgQUQGrsCF
|J5um4WAi2eBinAIpaH3UgwCQYHKoZIzjgEAwQwMC4CFQCfH8FAUCvOOr1Dv9uLfa+CtPYf
|ygIVAJm+AcCVPI2Px4IC284OqS8/AIn6oYIBIjCCAR4GCSqGSIb3DQEJBjGCAQ8wggELAg
|EBMCYwEjEQMA4GA1UEAxMHQ2FybFJTQQIQRjRrx4AAVrwR024uxBCzsDAHBgUrDgMCGqBF
|MB4GCSqGSIb3DQEJBTERGA8yMDAxMDQwNjE5MjQwMFowIwYJKoZIhvcNAQkEMRYEFH2xVD
|ajDobMj6BbxGdhcazDv39cMAsGCSqGSIb3DQEBAQSBgNP5zJJRPT6+cGzMIvyosTZynOf0
|T1MJkvF7O9/Fs7Qe7/zHZ36oIBUrzEn0dIgA+DmuEVKY/cFLzQHg7SG1nIvVClWxTrZ/L9
|rFoDqg5FTEkWK8s2GP+8LE9Vm0/rUQGl2uKpFhwkuzY5+TBq07w1jegkunADZNOD7k5gKy
|BtoV
|<5.4.bin

|* Example from section 5.5
|* Creator: [JS]
|>5.5.bin
|MIAGCSqGSIb3DQEHAqCAMIACAQExCzAJBgUrDgMCGgUAMIAGCSqGSIb3DQEHAaCAJIAEBF
|RoaXMEGCBpcyBzb21lIHNhbXBsZSBjb250ZW50LgAAAAAAAKCCA/0wggHrMIIBVKADAgEC
|AhBGNGvHgABWvBHTbi6f8lAgMA0GCSqGSIb3DQEBBQUAMBIxEDAOBgNVBAMTB0NhcmxSU0
|EwHhcNOTkwODE4MDcwMDAwWhcNMzkxMjMxMjM1OTU5WjASMRAwDgYDVQQDEwdDYXJsUlNB
|MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDkS/8YuCRX9Hf/bnN7k3FcvDMakpJyI9
|hBRtDNEToEs46vgp29UR4XevJ2LCuGOae9140aU+zkANXo7KI2se3iUOIyCYo/n5klj7hO
|q7l91ZZl2hagxb4OrkRb7170pynLgt2sROmqk5QpDvgY1shXXvJ2xPIRYDi5Gzwdl8lq8Q
|IDAQABo0IwQDAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIBhjAdBgNVHQ4EFgQU
|6eCQJ6x4IHqa00zyQjdOIq6eOLswDQYJKoZIhvcNAQEFBQADgYEAt57UBNPtKeT/iYkVLk
|zbDPBIDzJh7sQE7BJdLf8PZFl+CsPtGP3jVkA3pwe18DgSYVDt790/4wu4YaWkmzzmnpxU
|mraV1tpsO7UtRTWdSQF2+rm5Mfn5axJToPUUYJt9yj7yU2uwN2+t5nTX2/pa6hRBY13Nvs
|gOwdpqjVM0GAIwggIKMIIBc6ADAgECAhBGNGvHgABWvBHTbi7EELOwMA0GCSqGSIb3DQEB
|BQUAMBIxEDAOBgNVBAMTB0NhcmxSU0EwHhcNOTkwODE5MDcwMDAwWhcNMzkxMjMxMjM1OT
|U5WjATMREwDwYDVQQDEwhBbGljZVJTQTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEA
|4IlzOY3Y9fXoh3Y5f06wBbtTg94Pt6vcfcd1KQ0FLm0S36aGJtTSb6pYKfyX7PqCUQ8wgL
|6xUJ5GRPEsu9gyz8ZobwfZsGCsvu40CWoT9fcFBZPfXro1Vtlh/xl/yYHm+Gzqh0Bw76xt
|LHSfLfpVOrmZdwKmSFKMTvNXOFd0V18CAwEAAaNgMF4wDAYDVR0TAQH/BAIwADAOBgNVHQ
|8BAf8EBAMCBsAwHwYDVR0jBBgwFoAU6eCQJ6x4IHqa00zyQjdOIq6eOLswHQYDVR0OBBYE
|FHfStNG3TIqKo85Fnc7sPKA64/9QMA0GCSqGSIb3DQEBBQUAA4GBAFL/s4tUHgi/820MEg
|h9jstuWexWk6ZKIkBfixR5foNP9T/eIZcWWHB2MrIgUaMaH5dIgFyDsLiTCwNErr++pIwG
|xkXigQjViVgMKBstpYscSuPXRDTUy1P8uqmLqrbpsMOrdPEq8bDGOOqHAh4Qu5nEvjbACL
|oTZTc+NvMxQnMYMYHLMIHIAgEBMCYwEjEQMA4GA1UEAxMHQ2FybFJTQQIQRjRrx4AAVrwR
|024uxBCzsDAJBgUrDgMCGgUAMA0GCSqGSIb3DQEBAQUABIGALyOC0vMJX7gMWOtOnb+Jmo
|HldcSRPdPQ1Xu21f6UoYqs48SE9c1gTieV9s8AhnZ1Pyvw59QCZ6f1x40WBKWztefZMvAk
|7+cgRNWfB8VTJPrOAR0PFxOnKpWdK+QDlRQL6TkNus5unJ4M6JjmVRPUaG/QB9eisWJM44
|+v/eDVXccAAAAAAAA=
|<5.5.bin

|* Example from section 5.6
|* Creator: [JP]
|>5.6.bin
|MIIFvAYJKoZIhvcNAQcCoIIFrTCCBakCAQExCTAHBgUrDgMCGjArBgkqhkiG9w0BBwGgHg
|QcVGhpcyBpcyBzb21lIHNhbXBsZSBjb250ZW50LqCCBKAwggG6MIIBeaADAgECAgIA0jAJ
|BgcqhkjOOAQDMBIxEDAOBgNVBAMTB0NhcmxEU1MwHhcNOTkwODE3MDIwODEwWhcNMzkxMj
|MxMjM1OTU5WjATMREwDwYDVQQDEwhEaWFuZURTUzCBkzAJBgcqhkjOOAQBA4GFAAKBgQCg
|ABd4LO5+gVMuLmEID6GbUVIa2lmocy8SJbYIy8rvKkR2ilIJ6r0FItUP9v1G16+ZOAkOE8
|tPLN0cNPccvyX/I9M7WeeClze+MSTYGMjzSTlbt+LlJ378jEVyW34+j2hN3UZ6Ir6O/8za
|OSmjOeWfQ+lVyddbpoFnzMCqzS7FI6OBgzCBgDAgBgNVHREEGTAXgRVkaWFuZURzc0BleG
|FtcGxlcy5jb20wDAYDVR0TAQH/BAIwADAOBgNVHQ8BAf8EBAMCBsAwHwYDVR0jBBgwFoAU
|cEQ+gi5vh95K03XjPSC8QyuT8R8wHQYDVR0OBBYEFGQwmX1c3EULmTpSLxa/WFDdzisYMA
|kGByqGSM44BAMDMAAwLQIUfgwMgRe0mlSywzDrisQ8wlI2npUCFQDGnxfCcUusLjmNPRAf
|mrNNtvkRozCCAt4wggKdoAMCAQICAgDIMAkGByqGSM44BAMwEjEQMA4GA1UEAxMHQ2FybE
|RTUzAeFw05OTA4MTcwMTEwNDlaFw0zOTEyMzEyMzU5NTlaMBMxETAPBgNVBAMTCEFsaWNl
|RFNTMIIBtjCCASsGByqGSM44BAEwggEeAoGBAIGNze2D6gqeOT7CSCij5EeT3Q7XqA7sU8
|WrhAhP/5Thc0h+DNbzREjR/p+vpKGJL+HZMMg23j+bv7dM3F9piuR10DcMkQiVm96nXvn8
|9J8v3UOoi1TxP7AHCEdNXYjDw7Wz41UIddU5dhDEeL3/nbCElzfy5FEbteQJllzzflvbAh
|UA4kemGkVmuBPG2o+4NyErYov3k80CgYAmONAUiTKqOfs+bdlLWWpMdiM5BAI1XPLLGjDD
|HlBd3ZtZ4s2qBT1YwHuiNrhuB699ikIlp/R1z0oIXks+kPht6pzJIYo7dhTpzi5dowfNI4
|W4LzABfG1JiRGJNkS9+MiVSlNWteL5c+waYTYfEX/Cve3RUP+YdMLRgUpgObo2OQOBhAAC
|gYBc47ladRSWC6l63eM/qeysXty9txMRNKYWiSgRI9k0hmd1dRMSPUNbb+VRv/qJ8qIbPi
|R9PQeNW2PIu0WloErjhdbOBoA/6CN+GvIkq1MauCcNHu8Iv2YUgFxirGX6FYvxuzTU0pY3
|9mFHssQyhPB+QUD9RqdjTjPypeL08oPluKOBgzCBgDAgBgNVHREEGTAXgRVhbGljZURzc0
|BleGFtcGxlcy5jb20wDAYDVR0TAQH/BAIwADAOBgNVHQ8BAf8EBAMCBsAwHwYDVR0jBBgw
|FoAUcEQ+gi5vh95K03XjPSC8QyuT8R8wHQYDVR0OBBYEFL5sobPjwfftQ3CkzhMB4v3jl/
|7NMAkGByqGSM44BAMDMAAwLQIVAJiwxj/PcUdaNalKj8D4JAXoRpSOAhRbn0jAjKHBApxE
|6umhh8GlfygtuzGBxzBhAgEBMBgwEjEQMA4GA1UEAxMHQ2FybERTUwICAMgwBwYFKw4DAh
|owCQYHKoZIzjgEAwQuMCwCFHvrXYINF/HWV9YO05EOJak7JnkDAhQykqv1FKKPZ2FxzCIX
|f96UknjYzjBiAgEBMBgwEjEQMA4GA1UEAxMHQ2FybERTUwICANIwBwYFKw4DAhowCQYHKo
|ZIzjgEAwQvMC0CFDhBZop/RV8uGuz4xYcG8RUHpTYGAhUAhp3uL7MDcT6iS/j8Kqa1lYGQ
|FZ8=
|<5.6.bin

|* Example from section 5.7
|* Creator: [JP]
|>5.7.bin
|MIIDlQYJKoZIhvcNAQcCoIIDhjCCA4ICAQMxCTAHBgUrDgMCGjArBgkqhkiG9w0BBwGgHg
|QcVGhpcyBpcyBzb21lIHNhbXBsZSBjb250ZW50LqCCAuIwggLeMIICnaADAgECAgIAyDAJ
|BgcqhkjOOAQDMBIxEDAOBgNVBAMTB0NhcmxEU1MwHhcNOTkwODE3MDExMDQ5WhcNMzkxMj
|MxMjM1OTU5WjATMREwDwYDVQQDEwhBbGljZURTUzCCAbYwggErBgcqhkjOOAQBMIIBHgKB
|gQCBjc3tg+oKnjk+wkgoo+RHk90O16gO7FPFq4QIT/+U4XNIfgzW80RI0f6fr6ShiS/h2T
|DINt4/m7+3TNxfaYrkddA3DJEIlZvep175/PSfL91DqItU8T+wBwhHTV2Iw8O1s+NVCHXV
|OXYQxHi9/52whJc38uRRG7XkCZZc835b2wIVAOJHphpFZrgTxtqPuDchK2KL95PNAoGAJj
|jQFIkyqjn7Pm3ZS1lqTHYjOQQCNVzyyxowwx5QXd2bWeLNqgU9WMB7oja4bgevfYpCJaf0
|dc9KCF5LPpD4beqcySGKO3YU6c4uXaMHzSOFuC8wAXxtSYkRiTZEvfjIlUpTVrXi+XPsGm
|E2HxF/wr3t0VD/mHTC0YFKYDm6NjkDgYQAAoGAXOO5WnUUlgupet3jP6nsrF7cvbcTETSm
|FokoESPZNIZndXUTEj1DW2/lUb/6ifKiGz4kfT0HjVtjyLtFpaBK44XWzgaAP+gjfhryJK
|tTGrgnDR7vCL9mFIBcYqxl+hWL8bs01NKWN/ZhR7LEMoTwfkFA/UanY04z8qXi9PKD5bij
|gYMwgYAwIAYDVR0RBBkwF4EVYWxpY2VEc3NAZXhhbXBsZXMuY29tMAwGA1UdEwEB/wQCMA
|AwDgYDVR0PAQH/BAQDAgbAMB8GA1UdIwQYMBaAFHBEPoIub4feStN14z0gvEMrk/EfMB0G
|A1UdDgQWBBS+bKGz48H37UNwpM4TAeL945f+zTAJBgcqhkjOOAQDAzAAMC0CFQCYsMY/z3
|FHWjWpSo/A+CQF6EaUjgIUW59IwIyhwQKcROrpoYfBpX8oLbsxXzBdAgEDgBS+bKGz48H3
|7UNwpM4TAeL945f+zTAHBgUrDgMCGjAJBgcqhkjOOAQDBC4wLAIUBT5Z3v3y94L6v3VmKu
|GW7OetoXgCFEv0Ypbua4GvRjTF5CcgIWRIRHEk
|<5.7.bin

|* Example from section 5.8
|* Creator: [JP]
|>5.8.eml
|VG86IFVzZXIyDUZyb206IFVzZXIxDVN1YmplY3Q6IEV4YW1wbGUgNS44DURhdGU6IFR1ZS
|wgMTkgSnVuIDIwMDEgMTg6MTI6NTUgLTAzNjAgKENlbnRyYWwgU3RhbmRhcmQgVGltZSkN
|Q29udGVudC1UeXBlOiBtdWx0aXBhcnQvc2lnbmVkOw0JbWljYWxnPVNIQTE7DQlib3VuZG
|FyeT0iLS0tLT1fTmV4dEJvdW5kcnlfX19fVHVlLF8xOV9KdW5fMjAwMV8xODoxMjo1NSI7
|DQlwcm90b2NvbD0iYXBwbGljYXRpb24vcGtjczctc2lnbmF0dXJlIg0NVGhpcyBpcyBhIG
|11bHRpLXBhcnQgbWVzc2FnZSBpbiBNSU1FIGZvcm1hdC4NDS0tLS0tLT1fTmV4dEJvdW5k
|cnlfX19fVHVlLF8xOV9KdW5fMjAwMV8xODoxMjo1NQ1Db250ZW50LVR5cGU6IHRleHQvcG
|xhaW47IGNoYXJzZXQ9aXNvLTg4NTktMQ1Db250ZW50LVRyYW5zZmVyLUVuY29kaW5nOiA3
|Yml0DQ1UaGlzIGlzIHNvbWUgc2FtcGxlIGNvbnRlbnQuDS0tLS0tLT1fTmV4dEJvdW5kcn
|lfX19fVHVlLF8xOV9KdW5fMjAwMV8xODoxMjo1NQ1Db250ZW50LVR5cGU6IGFwcGxpY2F0
|aW9uL3BrY3M3LXNpZ25hdHVyZTsgbmFtZT1zbWltZS5wN3MNQ29udGVudC1UcmFuc2Zlci
|1FbmNvZGluZzogYmFzZTY0DUNvbnRlbnQtRGlzcG9zaXRpb246IGF0dGFjaG1lbnQ7IGZp
|bGVuYW1lPXNtaW1lLnA3cw0NTUlJRGVnWUpLb1pJaHZjTkFRY0NvSUlEYXpDQ0EyY0NBUU
|V4Q1RBSEJnVXJEZ01DR2pBTEJna3Foa2lHOXcwQkJ3R2dnZ0xpTUlJQw0zakNDQXAyZ0F3
|SUJBZ0lDQU1nd0NRWUhLb1pJempnRUF6QVNNUkF3RGdZRFZRUURFd2REWVhKc1JGTlRNQj
|RYRFRrNU1EZ3hOekF4DU1UQTBPVm9YRFRNNU1USXpNVEl6TlRrMU9Wb3dFekVSTUE4R0Ex
|VUVBeE1JUVd4cFkyVkVVMU13Z2dHMk1JSUJLd1lIS29aSXpqZ0UNQVRDQ0FSNENnWUVBZ1
|kzTjdZUHFDcDQ1UHNKSUtLUGtSNVBkRHRlb0R1eFR4YXVFQ0UvL2xPRnpTSDRNMXZORVNO
|SCtuNitrb1lrdg00ZGt3eURiZVA1dS90MHpjWDJtSzVIWFFOd3lSQ0pXYjNxZGUrZnowbn
|kvZFE2aUxWUEUvc0FjSVIwMWRpTVBEdGJQalZRaDExVGwyDUVNUjR2Zitkc0lTWE4vTGtV
|UnUxNUFtV1hQTitXOXNDRlFEaVI2WWFSV2E0RThiYWo3ZzNJU3RpaS9lVHpRS0JnQ1k0ME
|JTSk1xbzUNK3o1dDJVdFpha3gySXprRUFqVmM4c3NhTU1NZVVGM2RtMW5pemFvRlBWakFl
|NkkydUc0SHIzMktRaVduOUhYUFNnaGVTejZRK0czcQ1uTWtoaWp0MkZPbk9MbDJqQjgwam
|hiZ3ZNQUY4YlVtSkVZazJSTDM0eUpWS1UxYTE0dmx6N0JwaE5oOFJmOEs5N2RGUS81aDB3
|dEdCDVNtQTV1alk1QTRHRUFBS0JnRnpqdVZwMUZKWUxxWHJkNHorcDdLeGUzTDIzRXhFMH
|BoYUpLQkVqMlRTR1ozVjFFeEk5UTF0djVWRy8NK29ueW9ocytKSDA5QjQxYlk4aTdSYVdn
|U3VPRjFzNEdnRC9vSTM0YThpU3JVeHE0SncwZTd3aS9aaFNBWEdLc1pmb1ZpL0c3Tk5UUw
|1samYyWVVleXhES0U4SDVCUVAxR3AyTk9NL0tsNHZUeWcrVzRvNEdETUlHQU1DQUdBMVVk
|RVFRWk1CZUJGV0ZzYVdObFJITnpRR1Y0DVlXMXdiR1Z6TG1OdmJUQU1CZ05WSFJNQkFmOE
|VBakFBTUE0R0ExVWREd0VCL3dRRUF3SUd3REFmQmdOVkhTTUVHREFXZ0JSd1JENkMNTG0r
|SDNrclRkZU05SUx4REs1UHhIekFkQmdOVkhRNEVGZ1FVdm15aHMrUEI5KzFEY0tUT0V3SG
|kvZU9YL3Mwd0NRWUhLb1pJempnRQ1Bd013QURBdEFoVUFtTERHUDg5eFIxbzFxVXFQd1Bn
|a0JlaEdsSTRDRkZ1ZlNNQ01vY0VDbkVUcTZhR0h3YVYvS0MyN01XUXdZZ0lCDUFUQVlNQk
|l4RURBT0JnTlZCQU1UQjBOaGNteEVVMU1DQWdESU1BY0dCU3NPQXdJYU1Ba0dCeXFHU000
|NEJBTUVMekF0QWhRSnR4WFkNYW43bFg3V0Z6MDJXNnB2R1pKb1hyUUlWQUt3VVJIaW93b0
|9CeG5DYXM5MlFVbHh4c28rQw0NLS0tLS0tPV9OZXh0Qm91bmRyeV9fX19UdWUsXzE5X0p1
|bl8yMDAxXzE4OjEyOjU1LS0NDQ==
|<5.8.eml

|* Example from section 5.9
|* Creator: [JP]
|>5.9.eml
|VG86IFVzZXIyDUZyb206IFVzZXIxDVN1YmplY3Q6IEV4YW1wbGUgNS45DURhdGU6IFR1ZS
|wgMTkgSnVuIDIwMDEgMTg6MTI6NTUgLTAzNjAgKENlbnRyYWwgU3RhbmRhcmQgVGltZSkN
|Q29udGVudC1UeXBlOiBBcHBsaWNhdGlvbi9wa2NzNy1taW1lO25hbWU9c21pbWUucDdtO2
|ZpbGVuYW1lPXNtaW1lLnA3bTsNCW1pY2FsZz1TSEEtMTsNCXByb3RvY29sPWFwcGxpY2F0
|aW9uL3BrY3M3LXNpZ25hdHVyZQ1Db250ZW50LVRyYW5zZmVyLUVuY29kaW5nOiBiYXNlNj
|QNDU1JSURtUVlKS29aSWh2Y05BUWNDb0lJRGlqQ0NBNFlDQVFFeENUQUhCZ1VyRGdNQ0dq
|QXJCZ2txaGtpRzl3MEJCd0dnSGdRY1ZHaHANY3lCcGN5QnpiMjFsSUhOaGJYQnNaU0JqYj
|I1MFpXNTBMcUNDQXVJd2dnTGVNSUlDbmFBREFnRUNBZ0lBeURBSkJnY3Foa2pPT0FRRA1N
|Qkl4RURBT0JnTlZCQU1UQjBOaGNteEVVMU13SGhjTk9Ua3dPREUzTURFeE1EUTVXaGNOTX
|preE1qTXhNak0xT1RVNVdqQVRNUkV3DUR3WURWUVFERXdoQmJHbGpaVVJUVXpDQ0FiWXdn
|Z0VyQmdjcWhrak9PQVFCTUlJQkhnS0JnUUNCamMzdGcrb0tuamsrd2tnb28rUkgNazkwTz
|E2Z083RlBGcTRRSVQvK1U0WE5JZmd6VzgwUkkwZjZmcjZTaGlTL2gyVERJTnQ0L203KzNU
|TnhmYVlya2RkQTNESkVJbFp2ZQ1wMTc1L1BTZkw5MURxSXRVOFQrd0J3aEhUVjJJdzhPMX
|MrTlZDSFhWT1hZUXhIaTkvNTJ3aEpjMzh1UlJHN1hrQ1paYzgzNWIyd0lWDUFPSkhwaHBG
|WnJnVHh0cVB1RGNoSzJLTDk1UE5Bb0dBSmpqUUZJa3lxam43UG0zWlMxbHFUSFlqT1FRQ0
|5Wenl5eG93d3g1UVhkMmINV2VMTnFnVTlXTUI3b2phNGJnZXZmWXBDSmFmMGRjOUtDRjVM
|UHBENGJlcWN5U0dLTzNZVTZjNHVYYU1IelNPRnVDOHdBWHh0U1lrUg1pVFpFdmZqSWxVcF
|RWclhpK1hQc0dtRTJIeEYvd3IzdDBWRC9tSFRDMFlGS1lEbTZOamtEZ1lRQUFvR0FYT081
|V25VVWxndXBldDNqDVA2bnNyRjdjdmJjVEVUU21Gb2tvRVNQWk5JWm5kWFVURWoxRFcyL2
|xVYi82aWZLaUd6NGtmVDBIalZ0anlMdEZwYUJLNDRYV3pnYUENUCtnamZocnlKS3RUR3Jn
|bkRSN3ZDTDltRklCY1lxeGwraFdMOGJzMDFOS1dOL1poUjdMRU1vVHdma0ZBL1VhblkwNH
|o4cVhpOVBLRA01YmlqZ1lNd2dZQXdJQVlEVlIwUkJCa3dGNEVWWVd4cFkyVkVjM05BWlho
|aGJYQnNaWE11WTI5dE1Bd0dBMVVkRXdFQi93UUNNQUF3DURnWURWUjBQQVFIL0JBUURBZ2
|JBTUI4R0ExVWRJd1FZTUJhQUZIQkVQb0l1YjRmZVN0TjE0ejBndkVNcmsvRWZNQjBHQTFV
|ZERnUVcNQkJTK2JLR3o0OEgzN1VOd3BNNFRBZUw5NDVmK3pUQUpCZ2NxaGtqT09BUURBek
|FBTUMwQ0ZRQ1lzTVkvejNGSFdqV3BTby9BK0NRRg02RWFVamdJVVc1OUl3SXlod1FLY1JP
|cnBvWWZCcFg4b0xic3hZekJoQWdFQk1CZ3dFakVRTUE0R0ExVUVBeE1IUTJGeWJFUlRVd0
|lDDUFNZ3dCd1lGS3c0REFob3dDUVlIS29aSXpqZ0VBd1F1TUN3Q0ZESk84R3E1d3FZR3Ru
|aUFlZGRxSzk5SDZ6RTlBaFJrLzAzZ3ZEY2YNdS9nVDVwak9zczh3NjRFa0l3PT0NDQ0N
|<5.9.eml

|* Example from section 5.10
|* Creator: [JP]
|>5.10.bin
|MIIFGAYJKoZIhvcNAQcCoIIFCTCCBQUCAQExCTAHBgUrDgMCGjArBgkqhkiG9w0BBwGgHg
|QcVGhpcyBpcyBzb21lIHNhbXBsZSBjb250ZW50LjGCBMYwggTCAgEBMBgwEjEQMA4GA1UE
|AxMHQ2FybERTUwICAMgwBwYFKw4DAhqgggRbMBgGCSqGSIb3DQEJAzELBgkqhkiG9w0BBw
|EwIwYJKoZIhvcNAQkEMRYEFEBq7AhSebpuFgItngYpwCKWh91IMDgGAyqrMzExBC9UaGlz
|IGlzIGEgdGVzdCBHZW5lcmFsIEFTTiBBdHRyaWJ1dGUsIG51bWJlciAxLjA6BgsqhkiG9w
|0BCRACBDErMCkMIENvbnRlbnQgSGludHMgRGVzY3JpcHRpb24gQnVmZmVyBgUqAwYFBDBK
|BgkqhkiG9w0BCQ8xPTA7MAcGBSoDBAUGMDAGBioDBAUGTQQmU21pbWUgQ2FwYWJpbGl0aW
|VzIHBhcmFtZXRlcnMgYnVmZmVyIDIwbQYLKoZIhvcNAQkQAgIxXjFcAgEBBgcqAwQFBgcI
|MTEwL4AIKgMEBQYHhnihIxMhVEhJUyBJUyBBIFRFU1QgU0VDVVJJVFktQ0FURUdPUlkuEx
|tUSElTIElTIEEgUFJJVkFDWSBNQVJLIFRFU1QwbwYLKoZIhvcNAQkQAgoxYDBeBgUqAwQF
|BgQrQ29udGVudCBSZWZlcmVuY2UgQ29udGVudCBJZGVudGlmaWVyIEJ1ZmZlcgQoQ29udG
|VudCBSZWZlcmVuY2UgU2lnbmF0dXJlIFZhbHVlIEJ1ZmZlcjBzBgsqhkiG9w0BCRACCzFk
|oGIwWjELMAkGA1UEBhMCVVMxFjAUBgNVBAoTDVVTIEdvdmVybm1lbnQxETAPBgNVBAsTCF
|ZEQSBTaXRlMQwwCgYDVQQLEwNWREExEjAQBgNVBAMTCURhaXN5IFJTQQIEClVEMzCB/AYL
|KoZIhvcNAQkQAgMxgewwgekwgeYEBzU3MzgyOTkYDzE5OTkwMzExMTA0NDMzWqGByTCBxq
|RhMF8xCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1VUyBHb3Zlcm5tZW50MREwDwYDVQQLEwhW
|REEgU2l0ZTEMMAoGA1UECxMDVkRBMRcwFQYDVQQDEw5CdWdzIEJ1bm55IERTQaRhMF8xCz
|AJBgNVBAYTAlVTMRYwFAYDVQQKEw1VUyBHb3Zlcm5tZW50MREwDwYDVQQLEwhWREEgU2l0
|ZTEMMAoGA1UECxMDVkRBMRcwFQYDVQQDEw5FbG1lciBGdWRkIERTQTCCAQIGCyqGSIb3DQ
|EJEAIJMYHyMIHvMXICAQEGByoDBAUGBwkxPDA6gAgqAwQFBgeGeKEuEyxFUVVJVkFMRU5U
|IFRISVMgSVMgQSBURVNUIFNFQ1VSSVRZLUNBVEVHT1JZLhMmRVFVSVZBTEVOVCBUSElTIE
|lTIEEgUFJJVkFDWSBNQVJLIFRFU1QxeQIBAQYHKgMEBQYHCjE8MDqACCoDBAUGB4Z4oS4T
|LEVRVUlWQUxFTlQgVEhJUyBJUyBBIFRFU1QgU0VDVVJJVFktQ0FURUdPUlkuEy1FUVVJVk
|FMRU5UIFRISVMgSVMgQSBTRUNPTkQgUFJJVkFDWSBNQVJLIFRFU1QwCQYHKoZIzjgEAwQw
|MC4CFQDX6xg4wO5LLUo9d7f+W4PZZ2jgNAIVAIgDSMwKcMdfiWuZEEodu5hhBgjD
|<5.10.bin

|* Example from section 5.11
|* Creator: [JP]
|>5.11.bin
|MIIGigYJKoZIhvcNAQcCoIIGezCCBncCAQExADALBgkqhkiG9w0BBwGgggWBMIICmzCCAl
|qgAwIBAgIBATAJBgcqhkjOOAQDMBIxEDAOBgNVBAMTB0NhcmxEU1MwHhcNOTkwODE2MjI1
|MDUwWhcNMzkxMjMxMjM1OTU5WjASMRAwDgYDVQQDEwdDYXJsRFNTMIIBtzCCASsGByqGSM
|44BAEwggEeAoGBALZJGD6KRMEpcZRMAcQSwXp5y1RNqx6B+8ZMsw6UCQbrAdSxyHFLx0XA
|UCVdnPza5G3T4oZIhIJ9uhWVShb2Ru3d9pjSu36KCoq6Fnu5UAFIk4vrJRVRl1Xcj1MOEK
|lQ/HC3zTBU/dreqKoitaGvi8wCiOeLcF+5reEI1G0pLdbpAhUA3cEv31POCzRgdz4CpL+K
|XZi5ENUCgYAM7lebS73atgdqdDdPVX+d7bxhDetGWTxWCytbDJHOpWJSacrhbT69v/7ht7
|krYTyty65F4wasjCKdnESHC8fN8BzZtU5dc96vDskdWlH1T0R5NVpzqn9GUR+pQhacSOuK
|eWG01S9TIkRjH4a4o1gGJfgpwO+64HXwQsRjZVKbCgOBhQACgYEAmYd0JwNmoLHArdwsdb
|vhbESc2iFtTUdtsWIJ6diuHvI6tJSxo456m3FOAJTJtCVOuWCWGSQB82IM/nXA+87YaADj
|/dVwT98jlhkGlPSxYY86V7EIEaQLJiXwUnaB6gtiDZUq5oa6crKnUIMLqifNG6lNiZrXjR
|g5hD+LxVZNgHqjQjBAMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgGGMB0GA1Ud
|DgQWBBRwRD6CLm+H3krTdeM9ILxDK5PxHzAJBgcqhkjOOAQDAzAAMC0CFGup8E56Wnnj+b
|49K8kGN+kRF6ETAhUAjzRpKouxPAN5lDJNEh/OiftGsjswggLeMIICnaADAgECAgIAyDAJ
|BgcqhkjOOAQDMBIxEDAOBgNVBAMTB0NhcmxEU1MwHhcNOTkwODE3MDExMDQ5WhcNMzkxMj
|MxMjM1OTU5WjATMREwDwYDVQQDEwhBbGljZURTUzCCAbYwggErBgcqhkjOOAQBMIIBHgKB
|gQCBjc3tg+oKnjk+wkgoo+RHk90O16gO7FPFq4QIT/+U4XNIfgzW80RI0f6fr6ShiS/h2T
|DINt4/m7+3TNxfaYrkddA3DJEIlZvep175/PSfL91DqItU8T+wBwhHTV2Iw8O1s+NVCHXV
|OXYQxHi9/52whJc38uRRG7XkCZZc835b2wIVAOJHphpFZrgTxtqPuDchK2KL95PNAoGAJj
|jQFIkyqjn7Pm3ZS1lqTHYjOQQCNVzyyxowwx5QXd2bWeLNqgU9WMB7oja4bgevfYpCJaf0
|dc9KCF5LPpD4beqcySGKO3YU6c4uXaMHzSOFuC8wAXxtSYkRiTZEvfjIlUpTVrXi+XPsGm
|E2HxF/wr3t0VD/mHTC0YFKYDm6NjkDgYQAAoGAXOO5WnUUlgupet3jP6nsrF7cvbcTETSm
|FokoESPZNIZndXUTEj1DW2/lUb/6ifKiGz4kfT0HjVtjyLtFpaBK44XWzgaAP+gjfhryJK
|tTGrgnDR7vCL9mFIBcYqxl+hWL8bs01NKWN/ZhR7LEMoTwfkFA/UanY04z8qXi9PKD5bij
|gYMwgYAwIAYDVR0RBBkwF4EVYWxpY2VEc3NAZXhhbXBsZXMuY29tMAwGA1UdEwEB/wQCMA
|AwDgYDVR0PAQH/BAQDAgbAMB8GA1UdIwQYMBaAFHBEPoIub4feStN14z0gvEMrk/EfMB0G
|A1UdDgQWBBS+bKGz48H37UNwpM4TAeL945f+zTAJBgcqhkjOOAQDAzAAMC0CFQCYsMY/z3
|FHWjWpSo/A+CQF6EaUjgIUW59IwIyhwQKcROrpoYfBpX8oLbuhgdswgdgwgZkwCQYHKoZI
|zjgEAzASMRAwDgYDVQQDEwdDYXJsRFNTFw05OTA4MjcwNzAwMDBaMGkwEwICAMgXDTk5MD
|gyMjA3MDAwMFowEwICAMkXDTk5MDgyMjA3MDAwMFowEwICANMXDTk5MDgyMjA3MDAwMFow
|EwICANIXDTk5MDgyMjA3MDAwMFowEwICANQXDTk5MDgyNDA3MDAwMFowCQYHKoZIzjgEAw
|MvADAsAhR+ZVJ2M/40cxfR95b5oNTYbVx9PQIUAnpbt9VbGMHPh+9+2iTzKoOcNaExAA==
|<5.11.bin

|* Example from section 6.1
|* Creator: [JP] (after [JS])
|>6.1.bin
|MIIBqgYJKoZIhvcNAQcDoIIBmzCCAZcCAQIxggFLoYIBRwIBA6CBlaGBkjAJBgcqhkjOPg
|IBA4GEAAKBgES5JjITd62IzfWfS02pbP84YOuEq0Xmo/TilCeX8I0ppesfIZFoWDnI8knY
|mdtIqJ5HpZ4GvrT0oIYBEMRQ+7H1MYgSexUYcPhyCGVPUaejlhjoebSmbPG3emEm9q9NNE
|Ii3YDzx0LOahyMpiTpVGqgZ7GA3ruwxP68RUzS7DV0oUIEQKl0xOmqedPOXHSk7aXbZfXA
|N9aB8QqTXySh25eW7oeLedvpBxEjznAkhDByAoPVfWDT1PanTUzC4In6zVkgopMwHgYLKo
|ZIhvcNAQkQAwUwDwYLKoZIhvcNAQkQAwYFADBGMEQwGDASMRAwDgYDVQQDEwdDYXJsRFNT
|AgIAyQQol6Icmx1yA0z6H87aroVJ4Q0yBJeAQ8sASWA2p91LDuXWqHu6ZpSXpzBDBgkqhk
|iG9w0BBwEwFAYIKoZIhvcNAwcECDfnftcWF8isgCBq8riaWGWyrfQ6oDGyvfdSeusr+wR3
|D+JZxjO7Bf0M6g==
|<6.1.bin

|* Example from section 6.2
|* Creator: [JS]
|>6.2.bin
|MIAGCSqGSIb3DQEHA6CAMIACAQAxgcAwgb0CAQAwJjASMRAwDgYDVQQDEwdDYXJsUlNBAh
|BGNGvHgABWvBHTbi7NXXHQMA0GCSqGSIb3DQEBAQUABIGAXN5tddBe5mh2EUcbW4kuVa1z
|BaooAvgC2k3+9DUgDmto69YrrohYOtOsA3swXohEO/8z3N28vZHDnfVzbjPknyxCoI4ldC
|kmUHFwL1EIri1ewaUWBjNPqSMKM+WWO9D4g74KKQEKz1MTkhim97E8gnhZZ8hl5CYOUjcA
|UOo5I+cwgAYJKoZIhvcNAQcBMBQGCCqGSIb3DQMHBAjh0evgJspYSaCABCACOgoLvrcxHd
|TD68qRGK2Jey34sfv9vypSgXfan0l/AAAAAAAAAAAAAAA=
|<6.2.bin

|* Example from section 6.3
|* Creator: [JS]
|>6.3.bin
|MIIBJAYJKoZIhvcNAQcDoIIBFTCCARECAQAxgcAwgb0CAQAwJjASMRAwDgYDVQQDEwdDYX
|JsUlNBAhBGNGvHgABWvBHTbi7NXXHQMA0GCSqGSIb3DQEBAQUABIGAXv3R/XHjtD63WYas
|cGyE13/2+U54a+awtR7V+0N2pyJpZ8nicIlz5GnzWUN3SQSzAMn37kEy5kxax0Cvh+znMg
|0eiXqX0/VqdagMTVm3kpviSmQuc2dM5i/6nj+0ETznOkwjFk/pJ+7Z5R9mV/xD6Tgc713J
|jpdGLGsZcxgYWOowSQYJKoZIhvcNAQcBMBoGCCqGSIb3DQMCMA4CAgCgBAicBNIZLipVoY
|AgAIOpJxXq1dxqqOdN6Prq96jWPUxSYsuJ6Dnh8Xflq/c=
|<6.3.bin

|* Example from section 6.4
|* Creator: [JP]
|>6.4.bin
|MIIC9wYJKoZIhvcNAQcDoIIC6DCCAuQCAQIxggKYoYIBSAIBA6CBlqGBkzAJBgcqhkjOPg
|IBA4GFAAKBgQCdbqpNVTUFZmX3oGR1mWf7Tk9TVTR6hSGVK35iPN4KySAcTIBHPqZf9UsH
|EiZ0vti4LizqRSEFyH36aG4jRocP0tCoiw7eTX0s81F2n1j38nsjMNchU5ApmlteZBwN/3
|7rnTXftdOj/zAiuK8xCcKOv8i9UfInpc00EbVMK79oGKFCBECDFBrYRijveD/IHik7FPj+
|FjYubzXIKWCKxmq/SOZ222p8GDYTRyDiXzkIwgSX8/zmw291Tskwl7FBa6HoUNbHMB4GCy
|qGSIb3DQEJEAMFMA8GCyqGSIb3DQEJEAMGBQAwRjBEMBgwEjEQMA4GA1UEAxMHQ2FybERT
|UwICANMEKDhzky1Gg8F+6mBrQc9ybzUNWbHjxQlZlOKC7Rj+Jhu8RoEbhZpWPzyhggFIAg
|EDoIGWoYGTMAkGByqGSM4+AgEDgYUAAoGBALpYk4u8MVn5z/cjOnd1y/SbfF5T63OUT+V1
|VUhNUMSvcWmHyry1W2M7mg6l0POX2xhRwMs1pQcgIXkCB67KJu5Erpw3N4vIRbNiT6SHDh
|F+SJa2o3Tg9J9dJsHofry/s0zrSlpYyxLoPkI8mdyz03pP0wiDdmtz5rAI63YOuEBMoUIE
|QP/eiHo/qkTYEBSmKXLQCEyarH00tWhNCO3LSCpw1nrFQZuuxgMj8Ic/wVVNb+D/52sc71
|TtxFLdkAQlXvJDwRkwHgYLKoZIhvcNAQkQAwUwDwYLKoZIhvcNAQkQAwYFADBGMEQwGDAS
|MRAwDgYDVQQDEwdDYXJsRFNTAgIAyQQoIZ9l8JcEwId+2Wki46GAsolO1n2zVd4jqlusDh
|crRROpJLwJNQDmkjBDBgkqhkiG9w0BBwEwFAYIKoZIhvcNAwcECLia7T9eZxGKgCDqqtjE
|cWPkMZYREuSOhGDwoBQC+SN54j3z/OOmdP0lOA==
|<6.4.bin

|* Example from section 6.5
|* Creator: [JP]
|>6.5.bin
|MIIBrQYJKoZIhvcNAQcDoIIBnjCCAZoCAQIxggFOoYIBSgIBA6CBlaGBkjAJBgcqhkjOPg
|IBA4GEAAKBgCHKVaMQM9OFoaZK2BiFExXXRaUXlN1nW+1DA+E24y7d+Tw4Zbk0ZokpDX5v
|hXL53eRifsOe88Q4OWrqTgeDuEQjf779Ao9IlUjQLL8C7s2pruMg/SArer2sWYhi9UiFJq
|AgK/WWAkoa/KEPj5AD7pFBRt6n5XkwN4rLQT9m8/cHMB4GCyqGSIb3DQEJEAMFMA8GCyqG
|SIb3DQEJEAMGBQAwgYwwRDAYMBIxEDAOBgNVBAMTB0NhcmxEU1MCAgDJBChzJjprl/lQOr
|hqjedHWLpMC03HJKITIm86k3DsLBfRa4AaueN5uKZ7MEQwGDASMRAwDgYDVQQDEwdDYXJs
|RFNTAgIA1AQorIS/KLUZVhm38r0yWVqexn71ldzxIIAVwryVRz6S7s+2QY9Fg8nIXzBDBg
|kqhkiG9w0BBwEwFAYIKoZIhvcNAwcECMrUyMIptPqsgCACGOJ8GSE0zEOIiEX2fq2rlypD
|EeZFARE6wtgpbU1seA==
|<6.5.bin

|* Example from section 6.6
|* Creator: [JS]
|>6.6.eml
|U3ViamVjdDogVGVzdCBzdWJqZWN0DQpNSU1FLVZlcnNpb246IDEuMA0KQ29udGVudC1UeX
|BlOiBhcHBsaWNhdGlvbi94LXBrY3M3LW1pbWU7DQoJbmFtZT0ic21pbWUucDdtIjsNCglz
|bWltZS10eXBlPWVudmVsb3BlZC1kYXRhDQpDb250ZW50LVRyYW5zZmVyLUVuY29kaW5nOi
|BiYXNlNjQNCkNvbnRlbnQtRGlzcG9zaXRpb246IGF0dGFjaG1lbnQ7DQoJZmlsZW5hbWU9
|InNtaW1lLnA3bSINClgtTWltZU9MRTogUHJvZHVjZWQgQnkgTWljcm9zb2Z0IE1pbWVPTE
|UgVjUuMDAuMjExNS4zMDANCg0KTUlBR0NTcUdTSWIzRFFFSEE2Q0FNSUFDQVFJeGdnRmRv
|WUlCQkFJQkE2Q0JsYUdCa2pBSkJnY3Foa2pPUGdJQkE0R0VBQUtCZ0UzNA0KOE84V1lrYi
|ttaDlKeXdJbUlKMWowUElqODRTbnBLY2xxTzMxRWNTY1p6a1NpUVFQK2dxcGhJbWZFd0lH
|aDdQN3l3dW9GdXhkb3Q4Qw0KMlgvbkR1YmhycktJbUczWjk2aC9GQWg2L3JnQTZQMTByMn
|llc1YxUXZxZkdnWUJoOStvOXpxL1MxK1E4c3NGSDlqMW5aelRMTEwzcg0Kckc4VzR6dG11
|NHFYK1E4OU1COEdDeXFHU0liM0RRRUpFQU1GTUJBR0N5cUdTSWIzRFFFSkVBTUhBZ0U2TU
|VZd1JEQVlNQkl4RURBTw0KQmdOVkJBTVRCME5oY214RVUxTUNBZ0RKQkNoVEV2L0lpWWI1
|OGZKcEJjMU1RQUoxRlNHMzNMZEZicFJxOFFpck1VMTJKaUhkOXFBSg0Kamo5Q29sTUNBUV
|F3RXdRUlRXRnBiRXhwYzNSVWNtbHdiR1ZFUlZNd0R3WUxLb1pJaHZjTkFRa1FBd1lGQUFR
|by9KVjI1cWlwc2xidQ0KdWJaRExzbEVCOTNZNHJHdE9KSHB5bU51K3U1RmU3YnB5cFZ0an
|c0VldqQ0FCZ2txaGtpRzl3MEJCd0V3R1FZSUtvWklodmNOQXdJdw0KRFFJQk9nUUlqM2hQ
|OUZnMnlFcWdnQVFnNGxZTE9nbjBOdU9yU0FMTHZ0TjROemVWdFlKMDdoc1cyT1o3RnFRTm
|11b0FBQUFBQUFBQQ0KQUFBQQ0K
|<6.6.eml

|* Example from section 6.7
|* Creator: [JS]
|>6.7.bin
|MIIBZQYJKoZIhvcNAQcDoIIBVjCCAVICAQIxggEAMIG9AgEAMCYwEjEQMA4GA1UEAxMHQ2
|FybFJTQQIQRjRrx4AAVrwR024uzV1x0DANBgkqhkiG9w0BAQEFAASBgJQmQojGi7Z4IP+C
|VypBmNFoCDoEp87khtgyff2N4SmqD3RxPx+8hbLQt9i3YcMwcap+aiOkyqjMalT03VUC0X
|BOGv+HYI3HBZm/aFzxoq+YOXAWs5xlGerZwTOc9j6AYlK4qXvnztR5SQ8TBjlzytm4V7zg
|+TGrnGVNQBNw47Ewoj4CAQQwDQQLTWFpbExpc3RSQzIwEAYLKoZIhvcNAQkQAwcCAToEGH
|cUr5MSJ/g9HnJVHsQ6X56VcwYb+OfojTBJBgkqhkiG9w0BBwEwGgYIKoZIhvcNAwIwDgIC
|AKAECJwE0hkuKlWhgCBeKNXhojuej3org9Lt7n+wWxOhnky5V50vSpoYRfRRyw==
|<6.7.bin

|* Example from section 6.8
|* Creator: [JP]
|>6.8.eml
|VG86IFVzZXIyDUZyb206IFVzZXIxLA1TdWJqZWN0OiBFeGFtcGxlIDYuOA1EYXRlOiBUdW
|UsIDE5IEp1biAyMDAxIDE4OjEyOjU2IC0wMzYwIChDZW50cmFsIFN0YW5kYXJkIFRpbWUp
|DUNvbnRlbnQtVHlwZTogQXBwbGljYXRpb24vcGtjczctbWltZTtuYW1lPSJzbWltZS5wN2
|0iO2ZpbGVuYW1lPSJzbWltZS5wN20iDUNvbnRlbnQtVHJhbnNmZXItRW5jb2Rpbmc6IGJh
|c2U2NA1Db250ZW50LURpc3Bvc2l0aW9uOiBhdHRhY2htZW50O2ZpbGVuYW1lPSJzbWltZS
|5wN20iDQ1NSUlCcXdZSktvWklodmNOQVFjRG9JSUJuRENDQVpnQ0FRSXhnZ0ZNb1lJQlNB
|SUJBNkNCbHFHQmt6QUpCZ2NxaGtqT1BnSUJBNEdGDUFBS0JnUURtSnloazRBV1o4Q1VFQ2
|swMy9jT21rRWMvamVZRjJ6aUlEMWhGN09MZFM2QUNxajJHODlGdjNQc0kycnlDY21XMVo2
|a0UNQjR5TDV4Z3UyaW5GcVlUdzRHc2lIZUZCTVpJaEIxbG5Tc0J5NWhnWFdkZVpvR01Qaz
|RVbkZEN3RlMzZkR0dWcHN3MHhBbnNPVHllMw1OL0EreHNCZXN0dElVOHBIQ2VEaUxibTFD
|cUZDQkVCVG9kWUZXMlBQcWVNVUlzS2tQNGxFN1JiNXRKRGJuQ1VjcGF2TkdoQlJyQWhJDW
|gxV0hSNW54WFNtUUU4bGxTaUY0ajJOVnJUWGhzcHdRNVc3VFJhOVFNQjRHQ3lxR1NJYjNE
|UUVKRUFNRk1BOEdDeXFHU0liM0RRRUoNRUFNR0JRQXdSakJFTUJnd0VqRVFNQTRHQTFVRU
|F4TUhRMkZ5YkVSVFV3SUNBTWtFS1BIcUJ1VHpCREdFVzVhRTlodUlqNlNuNk9WNg12MmJo
|aER2RERnZ1pzd2RtWnJBblF6dW8rWFF3UXdZSktvWklodmNOQVFjQk1CUUdDQ3FHU0liM0
|RRTUhCQWhGTUxlWHd0YzlTNEFnDUI0STl4NUhlK2ZFL1dHQTNtbXZUbk9Gd1lCOGNLVnB3
|dDBFSGk1emY1bDg9DQ0NDQ==
|<6.8.eml

|* Example from section 6.9
|* Creator: [JP]
|>6.9.bin
|MIIDUAYJKoZIhvcNAQcDoIIDQTCCAz0CAQIxggJ0MIG9AgEAMCYwEjEQMA4GA1UEAxMHQ2
|FybFJTQQIQRjRrx4AAVrwR024uzV1x0DANBgkqhkiG9w0BAQEFAASBgCStqoi54n7p8hvT
|NCSx2Us2llv8acDspR7O+h8CSap4Oola697AfX6Qx0b+YxVRcrxNhXcgWB0zfdXeFqerul
|ibyl4DerLIOmMr4+tJnQyf4D87PXK3L9qZDcTHf8a5LONBjORpxKvZwRP0yy5iBUTqmicA
|O9PerQc9c8HgnnUqoYIBSQIBA6CBlqGBkzAJBgcqhkjOPgIBA4GFAAKBgQCeWz6Pqxtjmq
|6hRa/vPXeuUoA+K8FfL6GpczqykLdv/i8vAaqGw4E8AlJ9gkKptvGqbm/05ymB6h3/K0fJ
|E522UwWKoKqiY5MmWNtpZtwyV7ZQmZX/naUAy7J1uCGOpV190RE8ucOK68IALjeXhuxmUw
|hs6uV4qa6oHE5P3ofiVKFCBEBZRoLJeEQSBdah/cPnNok7BmeVMdBriJwzBvKymsjn0HAx
|wx2FMvRZOrV3Gtc9WG8HRIhXxZjDQPuZm4wN4TQYMB8GCyqGSIb3DQEJEAMFMBAGCyqGSI
|b3DQEJEAMHAgE6MEYwRDAYMBIxEDAOBgNVBAMTB0NhcmxEU1MCAgDJBCh5Vvf4JZUZjVrW
|fbEtq+QH7t9Ovv2wpHBGGeTm80UcGUOJCXJYJwHjomUCAQQwJAQRTWFpbExpc3RUcmlwbG
|VERVMYDzE5OTUxMjMwMjM1OTU5WjAQBgsqhkiG9w0BCRADBwIBOgQoOtezZTFqz5tXQdb+
|SUlaCcZpVMIrGwcm6kMTUUxRZwLF7L9upnyXmzBIBgkqhkiG9w0BBwEwGQYIKoZIhvcNAw
|IwDQIBOgQIxClXlGMzCHuAIAz1ljxbAsfc5TlCTHabd/iNBFeiMSkbK949TSUPuOVcoXYw
|OAYDKqszMTEEL1RoaXMgaXMgYSB0ZXN0IEdlbmVyYWwgQVNOIEF0dHJpYnV0ZSwgbnVtYm
|VyIDEuMDoGCyqGSIb3DQEJEAIEMSswKQwgQ29udGVudCBIaW50cyBEZXNjcmlwdGlvbiBC
|dWZmZXIGBSoDBgUE
|<6.9.bin

|* Example from section 6.10
|* Creator: [JP]
|>6.10.bin
|MIIBrgYJKoZIhvcNAQcDoIIBnzCCAZsCAQIxggFKoYIBRgIBA6CBk6GBkDAJBgcqhkjOPg
|IBA4GCAAJ/AtDxvpdUbH44ZE9RiQdvhGYNrt+Ux74qMk+Pj9fOGHJEalqQqNyjbKNzcVif
|ewYW9YclqTdo2XN+4cFIMR2rlIVCnThyvMt+EKMhqaij38fVyoLBE2HVqsYh5RTP5E7K/1
|ShB7DbLNr8PRjnE8vqvaM2T4q/40l3rrpZNRtBe6FCBEAR8dodtNjvnFNG/VIMkjg/7+ij
|8eAmbUSXe/118WVAiiLJDZK9qCJv9xzHHRXVfP9FiTb8o2i2SkEjlx2C/hyHMB8GCyqGSI
|b3DQEJEAMFMBAGCyqGSIb3DQEJEAMHAgE6MEYwRDAYMBIxEDAOBgNVBAMTB0NhcmxEU1MC
|AgDJBCg3k96ZW54kBcsYBeCW638LbAqxtejpdeJFGdZh7Z/FznM+oa2czn28MEgGCSqGSI
|b3DQEHATAZBggqhkiG9w0DAjANAgE6BAjAeqmHoFRrE4AgNJMV6AMeikmAEIgm49lrh2e7
|FzDzXAuoc6lSk7arMnM=
|<6.10.bin

|* Example from section 6.11
|* Creator: [JP]
|>6.11.bin
|MIHBBgkqhkiG9w0BBwOggbMwgbACAQIxZqJkAgEEMCQEEU1haWxMaXN0VHJpcGxlREVTGA
|8xOTk1MTIzMDIzNTk1OVowDwYLKoZIhvcNAQkQAwYFAAQodDHARVFMPC0u2mNQi67UrGTM
|la6vzQ+MtkgfC0USTfukq8eDMEtprTBDBgkqhkiG9w0BBwEwFAYIKoZIhvcNAwcECEEecO
|x9VoDZgCDATH5uMelgREm54z4kptRYTV5lB2mlaak4831QyQmzwA==
|<6.11.bin

|* Example from section 7.0
|* Creator: [JS]
|>7.0.bin
|MF4GCSqGSIb3DQEHBaBRME8CAQAwBwYFKw4DAhowKwYJKoZIhvcNAQcBoB4EHFRoaXMgaX
|Mgc29tZSBzYW1wbGUgY29udGVudC4EFEBq7AhSebpuFgItngYpwCKWh91I
|<7.0.bin

|* Example from section 8.1
|* Creator: [JS]
|>8.1.bin
|MFcGCSqGSIb3DQEHBqBKMEgCAQAwQwYJKoZIhvcNAQcBMBQGCCqGSIb3DQMHBAiza2v7Yj
|EIToAg12/RF4+9AvhCMfXB0qL3SkFZSClk9nUkglQiPa+a+OQ=
|<8.1.bin

|* Example from section 8.2
|* Creator: [JP]
|>8.2.bin
|MIHRBgkqhkiG9w0BBwaggcMwgcACAQIwQwYJKoZIhvcNAQcGMBQGCCqGSIb3DQMHBAgJls
|N/J7+iKoAgt0jhRtUqiPasmj+aj7FX5tL8lWHq2Yp4V7TG8Smd2hyhdjA4BgMqqzMxMQQv
|VGhpcyBpcyBhIHRlc3QgR2VuZXJhbCBBU04gQXR0cmlidXRlLCBudW1iZXIgMS4wOgYLKo
|ZIhvcNAQkQAgQxKzApDCBDb250ZW50IEhpbnRzIERlc2NyaXB0aW9uIEJ1ZmZlcgYFKgMG
|BQQN
|<8.2.bin

|* Example from section 11.1
|* Creator: [JP]
|>11.1.bin
|MIIEXgYJKoZIhvcNAQcCoIIETzCCBEsCAQExCTAHBgUrDgMCGjArBgkqhkiG9w0BBwGgHg
|QcVGhpcyBpcyBzb21lIHNhbXBsZSBjb250ZW50LqCCAuIwggLeMIICnaADAgECAgIAyDAJ
|BgcqhkjOOAQDMBIxEDAOBgNVBAMTB0NhcmxEU1MwHhcNOTkwODE3MDExMDQ5WhcNMzkxMj
|MxMjM1OTU5WjATMREwDwYDVQQDEwhBbGljZURTUzCCAbYwggErBgcqhkjOOAQBMIIBHgKB
|gQCBjc3tg+oKnjk+wkgoo+RHk90O16gO7FPFq4QIT/+U4XNIfgzW80RI0f6fr6ShiS/h2T
|DINt4/m7+3TNxfaYrkddA3DJEIlZvep175/PSfL91DqItU8T+wBwhHTV2Iw8O1s+NVCHXV
|OXYQxHi9/52whJc38uRRG7XkCZZc835b2wIVAOJHphpFZrgTxtqPuDchK2KL95PNAoGAJj
|jQFIkyqjn7Pm3ZS1lqTHYjOQQCNVzyyxowwx5QXd2bWeLNqgU9WMB7oja4bgevfYpCJaf0
|dc9KCF5LPpD4beqcySGKO3YU6c4uXaMHzSOFuC8wAXxtSYkRiTZEvfjIlUpTVrXi+XPsGm
|E2HxF/wr3t0VD/mHTC0YFKYDm6NjkDgYQAAoGAXOO5WnUUlgupet3jP6nsrF7cvbcTETSm
|FokoESPZNIZndXUTEj1DW2/lUb/6ifKiGz4kfT0HjVtjyLtFpaBK44XWzgaAP+gjfhryJK
|tTGrgnDR7vCL9mFIBcYqxl+hWL8bs01NKWN/ZhR7LEMoTwfkFA/UanY04z8qXi9PKD5bij
|gYMwgYAwIAYDVR0RBBkwF4EVYWxpY2VEc3NAZXhhbXBsZXMuY29tMAwGA1UdEwEB/wQCMA
|AwDgYDVR0PAQH/BAQDAgbAMB8GA1UdIwQYMBaAFHBEPoIub4feStN14z0gvEMrk/EfMB0G
|A1UdDgQWBBS+bKGz48H37UNwpM4TAeL945f+zTAJBgcqhkjOOAQDAzAAMC0CFQCYsMY/z3
|FHWjWpSo/A+CQF6EaUjgIUW59IwIyhwQKcROrpoYfBpX8oLbsxggEmMIIBIgIBATAYMBIx
|EDAOBgNVBAMTB0NhcmxEU1MCAgDIMAcGBSsOAwIaoIG+MBgGCSqGSIb3DQEJAzELBgkqhk
|iG9w0BBwEwIwYJKoZIhvcNAQkEMRYEFEBq7AhSebpuFgItngYpwCKWh91IMH0GCyqGSIb3
|DQEJEAIBMW4wbAQyRXhhbXBsZSAxMS4xIChBbGljZSBhc2tzIGZvciBhIHJlY2VpcHQgZn
|JvbSBEaWFuZSmhFzAVpBMwETEPMA0GA1UEAxMGQm9iUlNBMB0wG4EZcm9iZXJ0LmNvbGVz
|dG9ja0B3YW5nLmNvbTAJBgcqhkjOOAQDBC4wLAIUfE18/yCzpInfV19dTOY++O5Dxe4CFG
|SqaihfDPuN3TRhEhepf37cGhgS
|<11.1.bin

|* Example from section 11.2
|* Creator: [JP]
|>11.2.signedReceipt.bin
|MIIECAYJKoZIhvcNAQcCoIID+TCCA/UCAQMxCTAHBgUrDgMCGjCBhQYLKoZIhvcNAQkQAQ
|GgdgR0MHICAQEGCSqGSIb3DQEHAQQyRXhhbXBsZSAxMS4xIChBbGljZSBhc2tzIGZvciBh
|IHJlY2VpcHQgZnJvbSBEaWFuZSkELjAsAhR8TXz/ILOkid9XX11M5j747kPF7gIUZKpqKF
|8M+43dNGESF6l/ftwaGBKgggIEMIICADCCAW2gAwIBAgIQRjRrx4AAVrwR024uzV1x0DAJ
|BgUrDgMCHQUAMBIxEDAOBgNVBAMTB0NhcmxSU0EwHhcNOTkwOTE5MDEwOTAyWhcNMzkxMj
|MxMjM1OTU5WjARMQ8wDQYDVQQDEwZCb2JSU0EwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJ
|AoGBAMpc4S7sz8E7XRAb31Q1cZkKCdg95GG/oL4KvhGkPLU4QUFIBOFbsRccU7X0xRXT/g
|z7DKzqgBg2A35Bk1PXQHRJ29nGr/7Wyg3KAYSPoemjACEnUdVAGarjwDB4W6Cy5sEtJDbL
|rkQQgrDddNf261Ensqe2rXjKpxtZURjvKAxTAgMBAAGjYDBeMAwGA1UdEwEB/wQCMAAwDg
|YDVR0PAQH/BAQDAgUgMB8GA1UdIwQYMBaAFOngkCeseCB6mtNM8kI3TiKunji7MB0GA1Ud
|DgQWBBTo9Lhn2LOWpCrzEaop05Vahha0JDAJBgUrDgMCHQUAA4GBAJj6r30hAaqziLzx7x
|JfTVgw2I5OvOEssn5oV40MQ1zXHkXR95Uz4qB1yhPIU7wzJpuzyFDfzYRqG+hIyELQgWNs
|Mxm+Amn2FjF/1JnfgHrzO/gbKX0mUTcDIj/2FT0w8zKK8a6X3tf1FqmnrccVr1M+qCWRss
|RfTmoVV0dQvLL6MYIBUzCCAU8CAQEwJjASMRAwDgYDVQQDEwdDYXJsUlNBAhBGNGvHgABW
|vBHTbi7NXXHQMAcGBSsOAwIaoIGIMBoGCSqGSIb3DQEJAzENBgsqhkiG9w0BCRABATAeBg
|kqhkiG9w0BCQUxERgPMjAwMTA0MDYxOTMzMDBaMCMGCSqGSIb3DQEJBDEWBBQsuaHZdX8A
|IPk1t5XXg0cWTApaTDAlBgsqhkiG9w0BCRACBTEWBBS2w+V2jkNorSb+RYOQ0QBcsGkdFD
|ALBgkqhkiG9w0BAQEEgYAf3eO5cqgiJhVOjYIABzmw1hFygRB6iWbz55HsZ5uzy4ZZ2poD
|BPdiiBzcvBvdTT5VxHWFDJrzRRmuc9hYaDQ/MXKkNzbrQ0k/6D22oHz1KSm2WP3wX09SgM
|MwylLr4GqypnrmE0bSoF6DxV+duF+BVYTcAWZI61R/WVBmaSFjig==
|<11.2.signedReceipt.bin

|* Example from section 11.3
|* Creator: [JP]
|>11.3.bin
|MIIETwYJKoZIhvcNAQcCoIIEQDCCBDwCAQExCTAHBgUrDgMCGjArBgkqhkiG9w0BBwGgHg
|QcVGhpcyBpcyBzb21lIHNhbXBsZSBjb250ZW50LqCCAuIwggLeMIICnaADAgECAgIAyDAJ
|BgcqhkjOOAQDMBIxEDAOBgNVBAMTB0NhcmxEU1MwHhcNOTkwODE3MDExMDQ5WhcNMzkxMj
|MxMjM1OTU5WjATMREwDwYDVQQDEwhBbGljZURTUzCCAbYwggErBgcqhkjOOAQBMIIBHgKB
|gQCBjc3tg+oKnjk+wkgoo+RHk90O16gO7FPFq4QIT/+U4XNIfgzW80RI0f6fr6ShiS/h2T
|DINt4/m7+3TNxfaYrkddA3DJEIlZvep175/PSfL91DqItU8T+wBwhHTV2Iw8O1s+NVCHXV
|OXYQxHi9/52whJc38uRRG7XkCZZc835b2wIVAOJHphpFZrgTxtqPuDchK2KL95PNAoGAJj
|jQFIkyqjn7Pm3ZS1lqTHYjOQQCNVzyyxowwx5QXd2bWeLNqgU9WMB7oja4bgevfYpCJaf0
|dc9KCF5LPpD4beqcySGKO3YU6c4uXaMHzSOFuC8wAXxtSYkRiTZEvfjIlUpTVrXi+XPsGm
|E2HxF/wr3t0VD/mHTC0YFKYDm6NjkDgYQAAoGAXOO5WnUUlgupet3jP6nsrF7cvbcTETSm
|FokoESPZNIZndXUTEj1DW2/lUb/6ifKiGz4kfT0HjVtjyLtFpaBK44XWzgaAP+gjfhryJK
|tTGrgnDR7vCL9mFIBcYqxl+hWL8bs01NKWN/ZhR7LEMoTwfkFA/UanY04z8qXi9PKD5bij
|gYMwgYAwIAYDVR0RBBkwF4EVYWxpY2VEc3NAZXhhbXBsZXMuY29tMAwGA1UdEwEB/wQCMA
|AwDgYDVR0PAQH/BAQDAgbAMB8GA1UdIwQYMBaAFHBEPoIub4feStN14z0gvEMrk/EfMB0G
|A1UdDgQWBBS+bKGz48H37UNwpM4TAeL945f+zTAJBgcqhkjOOAQDAzAAMC0CFQCYsMY/z3
|FHWjWpSo/A+CQF6EaUjgIUW59IwIyhwQKcROrpoYfBpX8oLbsxggEXMIIBEwIBATAYMBIx
|EDAOBgNVBAMTB0NhcmxEU1MCAgDIMAcGBSsOAwIaoIGuMBgGCSqGSIb3DQEJAzELBgkqhk
|iG9w0BBwEwIwYJKoZIhvcNAQkEMRYEFEBq7AhSebpuFgItngYpwCKWh91IMG0GCyqGSIb3
|DQEJEAICMV4xXAIBAQYHKgMEBQYHCDExMC+ACCoDBAUGB4Z4oSMTIVRISVMgSVMgQSBURV
|NUIFNFQ1VSSVRZLUNBVEVHT1JZLhMbVEhJUyBJUyBBIFBSSVZBQ1kgTUFSSyBURVNUMAkG
|ByqGSM44BAMELzAtAhQoFXy/YrEeCZe8SYGQz4pGfpT1XQIVAIgGwk7fTf1gScEhKQwETQ
|i321qS
|<11.3.bin

|* Example from section 11.4
|* Creator: [JP]
|>11.4.bin
|MIIFPAYJKoZIhvcNAQcCoIIFLTCCBSkCAQExCTAHBgUrDgMCGjArBgkqhkiG9w0BBwGgHg
|QcVGhpcyBpcyBzb21lIHNhbXBsZSBjb250ZW50LqCCAuIwggLeMIICnaADAgECAgIAyDAJ
|BgcqhkjOOAQDMBIxEDAOBgNVBAMTB0NhcmxEU1MwHhcNOTkwODE3MDExMDQ5WhcNMzkxMj
|MxMjM1OTU5WjATMREwDwYDVQQDEwhBbGljZURTUzCCAbYwggErBgcqhkjOOAQBMIIBHgKB
|gQCBjc3tg+oKnjk+wkgoo+RHk90O16gO7FPFq4QIT/+U4XNIfgzW80RI0f6fr6ShiS/h2T
|DINt4/m7+3TNxfaYrkddA3DJEIlZvep175/PSfL91DqItU8T+wBwhHTV2Iw8O1s+NVCHXV
|OXYQxHi9/52whJc38uRRG7XkCZZc835b2wIVAOJHphpFZrgTxtqPuDchK2KL95PNAoGAJj
|jQFIkyqjn7Pm3ZS1lqTHYjOQQCNVzyyxowwx5QXd2bWeLNqgU9WMB7oja4bgevfYpCJaf0
|dc9KCF5LPpD4beqcySGKO3YU6c4uXaMHzSOFuC8wAXxtSYkRiTZEvfjIlUpTVrXi+XPsGm
|E2HxF/wr3t0VD/mHTC0YFKYDm6NjkDgYQAAoGAXOO5WnUUlgupet3jP6nsrF7cvbcTETSm
|FokoESPZNIZndXUTEj1DW2/lUb/6ifKiGz4kfT0HjVtjyLtFpaBK44XWzgaAP+gjfhryJK
|tTGrgnDR7vCL9mFIBcYqxl+hWL8bs01NKWN/ZhR7LEMoTwfkFA/UanY04z8qXi9PKD5bij
|gYMwgYAwIAYDVR0RBBkwF4EVYWxpY2VEc3NAZXhhbXBsZXMuY29tMAwGA1UdEwEB/wQCMA
|AwDgYDVR0PAQH/BAQDAgbAMB8GA1UdIwQYMBaAFHBEPoIub4feStN14z0gvEMrk/EfMB0G
|A1UdDgQWBBS+bKGz48H37UNwpM4TAeL945f+zTAJBgcqhkjOOAQDAzAAMC0CFQCYsMY/z3
|FHWjWpSo/A+CQF6EaUjgIUW59IwIyhwQKcROrpoYfBpX8oLbsxggIEMIICAAIBATAYMBIx
|EDAOBgNVBAMTB0NhcmxEU1MCAgDIMAcGBSsOAwIaoIIBmzAYBgkqhkiG9w0BCQMxCwYJKo
|ZIhvcNAQcBMCMGCSqGSIb3DQEJBDEWBBRAauwIUnm6bhYCLZ4GKcAilofdSDBxBgsqhkiG
|9w0BCRACAjFiMWACAQEGByoDBAUGBwgxNTAzgAgqAwQFBgeGeKEnEyVCT0IgVEhJUyBJUy
|BBIFRFU1QgU0VDVVJJVFktQ0FURUdPUlkuExtUSElTIElTIEEgUFJJVkFDWSBNQVJLIFRF
|U1QwgeYGCyqGSIb3DQEJEAIJMYHWMIHTMWQCAQEGByoDBAUGBwgxNTAzgAgqAwQFBgeGeK
|EnEyVCT0IgVEhJUyBJUyBBIFRFU1QgU0VDVVJJVFktQ0FURUdPUlkuEx9CT0IgVEhJUyBJ
|UyBBIFBSSVZBQ1kgTUFSSyBURVNUMWsCAQEGByoDBAUGBwkxNTAzgAgqAwQFBgeGeKEnEy
|VCT0IgVEhJUyBJUyBBIFRFU1QgU0VDVVJJVFktQ0FURUdPUlkuEyZCT0IgVEhJUyBJUyBB
|IFNFQ09ORCBQUklWQUNZIE1BUksgVEVTVDAJBgcqhkjOOAQDBC4wLAIUFmxY0ndQeXCdUp
|nCOW6cSfsuzOwCFEJVQU9m8BXdRoYWPqO7S3xUyXsA
|<11.4.bin

|* Example from section 11.5
|* Creator: [JP]
|>11.5.bin
|MIIB+QYJKoZIhvcNAQcCoIIB6jCCAeYCAQExCTAHBgUrDgMCGjArBgkqhkiG9w0BBwGgHg
|QcVGhpcyBpcyBzb21lIHNhbXBsZSBjb250ZW50LjGCAacwggGjAgEBMBgwEjEQMA4GA1UE
|AxMHQ2FybERTUwICAMgwBwYFKw4DAhqgggE+MBgGCSqGSIb3DQEJAzELBgkqhkiG9w0BBw
|EwIwYJKoZIhvcNAQkEMRYEFEBq7AhSebpuFgItngYpwCKWh91IMIH8BgsqhkiG9w0BCRAC
|AzGB7DCB6TCB5gQHNTczODI5ORgPMTk5OTAzMTExMDQ0MzNaoYHJMIHGpGEwXzELMAkGA1
|UEBhMCVVMxFjAUBgNVBAoTDVVTIEdvdmVybm1lbnQxETAPBgNVBAsTCFZEQSBTaXRlMQww
|CgYDVQQLEwNWREExFzAVBgNVBAMTDkJ1Z3MgQnVubnkgRFNBpGEwXzELMAkGA1UEBhMCVV
|MxFjAUBgNVBAoTDVVTIEdvdmVybm1lbnQxETAPBgNVBAsTCFZEQSBTaXRlMQwwCgYDVQQL
|EwNWREExFzAVBgNVBAMTDkVsbWVyIEZ1ZGQgRFNBMAkGByqGSM44BAMELjAsAhQYaftiVf
|ptULJPZPEjcniFFHPJtwIUexXGMmL3knelG1iPtquMSdi6Wdo=
|<11.5.bin

|* Example from section 11.6
|* Creator: [JP]
|>11.6.bin
|MIIEVgYJKoZIhvcNAQcCoIIERzCCBEMCAQExCTAHBgUrDgMCGjArBgkqhkiG9w0BBwGgHg
|QcVGhpcyBpcyBzb21lIHNhbXBsZSBjb250ZW50LqCCAuIwggLeMIICnaADAgECAgIAyDAJ
|BgcqhkjOOAQDMBIxEDAOBgNVBAMTB0NhcmxEU1MwHhcNOTkwODE3MDExMDQ5WhcNMzkxMj
|MxMjM1OTU5WjATMREwDwYDVQQDEwhBbGljZURTUzCCAbYwggErBgcqhkjOOAQBMIIBHgKB
|gQCBjc3tg+oKnjk+wkgoo+RHk90O16gO7FPFq4QIT/+U4XNIfgzW80RI0f6fr6ShiS/h2T
|DINt4/m7+3TNxfaYrkddA3DJEIlZvep175/PSfL91DqItU8T+wBwhHTV2Iw8O1s+NVCHXV
|OXYQxHi9/52whJc38uRRG7XkCZZc835b2wIVAOJHphpFZrgTxtqPuDchK2KL95PNAoGAJj
|jQFIkyqjn7Pm3ZS1lqTHYjOQQCNVzyyxowwx5QXd2bWeLNqgU9WMB7oja4bgevfYpCJaf0
|dc9KCF5LPpD4beqcySGKO3YU6c4uXaMHzSOFuC8wAXxtSYkRiTZEvfjIlUpTVrXi+XPsGm
|E2HxF/wr3t0VD/mHTC0YFKYDm6NjkDgYQAAoGAXOO5WnUUlgupet3jP6nsrF7cvbcTETSm
|FokoESPZNIZndXUTEj1DW2/lUb/6ifKiGz4kfT0HjVtjyLtFpaBK44XWzgaAP+gjfhryJK
|tTGrgnDR7vCL9mFIBcYqxl+hWL8bs01NKWN/ZhR7LEMoTwfkFA/UanY04z8qXi9PKD5bij
|gYMwgYAwIAYDVR0RBBkwF4EVYWxpY2VEc3NAZXhhbXBsZXMuY29tMAwGA1UdEwEB/wQCMA
|AwDgYDVR0PAQH/BAQDAgbAMB8GA1UdIwQYMBaAFHBEPoIub4feStN14z0gvEMrk/EfMB0G
|A1UdDgQWBBS+bKGz48H37UNwpM4TAeL945f+zTAJBgcqhkjOOAQDAzAAMC0CFQCYsMY/z3
|FHWjWpSo/A+CQF6EaUjgIUW59IwIyhwQKcROrpoYfBpX8oLbsxggEeMIIBGgIBATAYMBIx
|EDAOBgNVBAMTB0NhcmxEU1MCAgDIMAcGBSsOAwIaoIG2MBgGCSqGSIb3DQEJAzELBgkqhk
|iG9w0BBwEwIwYJKoZIhvcNAQkEMRYEFEBq7AhSebpuFgItngYpwCKWh91IMHUGCyqGSIb3
|DQEJEAIMMWYwZDAwMC4ELFRISVMgSVMgQSBTSUdOSU5HIENFUlRJRklDQVRFIEFUVFJJQl
|VURSBURVNUMDAwLgYGKgMEBQYHMCQwIgYGKgMEBQYHBBhUSElTIElTIEEgUVVBTElGSUVS
|IFRFU1QwCQYHKoZIzjgEAwQuMCwCFG8G44EFvTAkLwnI62FX2il5CXmvAhQLes0xrGqHdm
|s9FwRTLfmqjqacxA==
|<11.6.bin


D. Acknowledgments

The following people contributed ideas and/or examples to this
document. They are listed by their real names, with the initials used
in the examples after their names.

Blake Ramsdell [BR]
Jim Schaad [JS]
John Pawling [JP]
Paul Hoffman [PH]

The examples are displayed with a modified version of Peter Gutmann's
"dumpasn1" program. Peter and Jim Schaad and Blake Ramsdell have been
updating the program based on input from the process of writing this
draft.

E. Differences between -07 and -08

Many places: Replaced BobPrivRSAEncrypt.pri, BobRSASignByCarl.cer, 6.2,
6.3, 6.7, and 7 with new files.

Intro: Added the reference to RFC 3029.

Changed "DH-DSS" to "DSS" in 5.1, 5.3, 5.4, 5.6, and 5.7.

5.6: "Two SignedDatas" changed to "Two signerInfos".

5.11: Added "Alices's and Carl's" to the description.

Removed the "x-" from the application/pkcs7-stuff in examples 5.8 and
6.6 and 6.8. Also removed the "X-MimeOLE" from example 6.6.

9: Got rid of the actual examples and put in text saying that they
don't exist.

Fixed a formatting problem in the binary version of 11.4 in Appendix
C.


F. Editor's Address

Paul Hoffman
Internet Mail Consortium
127 Segre Place
Santa Cruz, CA  95060 USA
phoffman@imc.org

Html markup produced by rfcmarkup 1.108, available from http://tools.ietf.org/tools/rfcmarkup/