Hi there!
I'm currently facing some problems when we try to add a DSS to a timestamped document. Afterwards the timestamp is not marked as LTV in Acrobat and if we try to re-add the verification data via Acrobat it crashes. You can find the document in question here.
If I add the verification data to the initial version of the file via Acrobat, there's no problem.
I compared the DSS structure (actually I didn't left the Certs in the VRI entry which is done by Acrobat but this didn't makes a difference to the actual situation) and the OCSP response in detail and noticed that there's only a single strange difference:
This part represents the nonce extension in two ocsp responses (left by Acrobat - working, right by a webservice - not working). The extnValue isn't a valid ASN.1 structure which makes me thinks that this is the problem? The webservice/nonce in the request is out of our scope so I cannot play with this. I just want to ask if anybody can confirm that this little nonce value will let Acrobat crash and will ignore the response completely?
Any comment is welcome!
Thanks
Jan