On Fri, 14 Jan 2011, Phillip Hallam-Baker wrote:
I suggest that the IAB consider a policy for registries that requires all
cryptographic and application layer code
points to make use of an approved extensible identifier format, with the two
approved forms being URIs and ASN.1 OIDs.
-1
Not technology agnostic.
Variable length instead of fixed length
A single byte or two bytes can work for anyone with any technology, now and 50
years from now.
The main impact of this would be felt in cryptographic protocols. Instead of
having separate private use code spaces
being maintained for IPSEC, DNSSEC, TLS and PKIX, each of the protocols would
be extended to allow the use of ASN.1 OIDs
(where these are not already used) for private code space. It would be up to
the developer of the algorithm to assign
the OID.
It's too late for that now anyway isn't it. The code path is there, and if you
want to be compatible
you have to implement it. Adding a second (complicated!) code path isn't going
to help anyone make it
easier.
The advantage of this approach would be that the 'vanity crypto' problem would
largely disappear. Particularly if the
IETF/SAAG took the approach that it would only recommend algorithms after it
was demonstrated that a very substantial
community were either using
catch-22. How can a substantial community use them before it has become a real
standard?
Let a hundred flowers bloom and then Darwin can take care from that point on.
I prefer my crypto more intelligently designed.
Paul
_______________________________________________
Ietf mailing list
Ietf(_at_)ietf(_dot_)org
https://www.ietf.org/mailman/listinfo/ietf