At 11:48 PM 1/21/97 +0100, Dave Crocker wrote:
> At 8:24 PM +0100 1/20/97, Housley, Russ wrote:
>> The use of "SEQUENCE OF" is necessary when order is important, but it can
>> also be used when order is not important. And, it has much less overhead
>
> Just to see whether my interpretation of your statement is accurate:
> Your view is that it is ok to impose a required order in all cases?
No. Just because the use of "SEQUENCE OF" will preserve the order chosen
by the sender does not mean that there is any semantic meaning to the
ordering.
I object to the use of "SET OF" with the Distinguished Encoding Rules (DER)
because it imposes an order. The "SET OF" encoding must place the
membership in sorted order.
When one of these constructs is digitally signed, the validator must
compute the hash (a.k.a. digest) over the same sequence of bits. In either
case, the cheapest processing to achieve this is to use the order presented
by the originator. In the "SEQUENCE OF" case, there is no alternative. In
the "SET OF" case, the recipient could re-sort the members, but there is no
need to do this if the order used by the originator is preserved by the
ASN.1 software.
Russ
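
The encoding point discussed in the message above, as an added example that is not part of the original thread: a minimal encoder showing that DER sorts "SET OF" members while "SEQUENCE OF" keeps the sender's order, and that a digest check only succeeds over the bytes as received. The function names, the sample members, the use of SHA-256 and the short-form-length restriction are assumptions made for the illustration.

```python
import hashlib

def tlv(tag: int, content: bytes) -> bytes:
    """Tag-length-value with a short-form length (content under 128 octets)."""
    if len(content) >= 0x80:
        raise ValueError("this sketch handles short-form lengths only")
    return bytes([tag, len(content)]) + content

def octet_string(value: bytes) -> bytes:
    return tlv(0x04, value)

def sequence_of(members: list[bytes]) -> bytes:
    """SEQUENCE OF (tag 0x30): members stay in the order the sender chose."""
    return tlv(0x30, b"".join(members))

def set_of_as_sent(members: list[bytes]) -> bytes:
    """SET OF (tag 0x31) in the sender's order: valid BER, DER only if sorted."""
    return tlv(0x31, b"".join(members))

def set_of_der(members: list[bytes]) -> bytes:
    """SET OF under DER: member encodings sorted as octet strings.
    TLVs are prefix-free, so plain lexicographic order is the DER order."""
    return tlv(0x31, b"".join(sorted(members)))

def members_of(encoded: bytes) -> list[bytes]:
    """Split a SET OF / SEQUENCE OF back into its member TLVs."""
    if encoded[1] >= 0x80 or encoded[1] != len(encoded) - 2:
        raise ValueError("unexpected length octet")
    out, i = [], 2
    while i < len(encoded):
        end = i + 2 + encoded[i + 1]
        out.append(encoded[i:end])
        i = end
    return out

def digest(data: bytes) -> bytes:
    return hashlib.sha256(data).digest()

def verify(received: bytes, signed_digest: bytes) -> bool:
    """Validator side: hash exactly the octets that arrived."""
    return digest(received) == signed_digest

# Constructed sample members, deliberately not in sorted order.
MEMBERS = [octet_string(b"zeta"), octet_string(b"alpha"), octet_string(b"mu")]

if __name__ == "__main__":
    sent = set_of_as_sent(MEMBERS)
    signed = digest(sent)                       # originator hashes its own order
    resorted = set_of_der(members_of(sent))     # recipient re-encodes as DER
    print("as received:", sent.hex(), verify(sent, signed))
    print("re-sorted  :", resorted.hex(), verify(resorted, signed))
```
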