Regarding "a bunch of people who use ASN.1", the IEEE P1363 WG on public-key
cryptography standards is getting ready to deploy another project "ASN.1 Syntax
for P1363" that basically covers all public-key cryptosystems. Thus, I expect
that there will be more people using ASN.1 in the cryptographic framework.
It is not very likely - like it or not - that ASN.1 in cryptography will go
away. It may not be the best method, but it is there, and we have to use it for
a while.
Regarding an RFC interpreting ASN.1, this may be a good opportunity to, in a
way, combine the P1363 effort and a possible RFC on ASN.1/BER/DER.
Any thoughts on such an RFC ?
- Tolga
Marc Branchaud <marcnarc(_at_)xcert(_dot_)com> 8/16/99 16:25:38 >>>
There seems to be some strong opinions that an ASN.1-Internet
reconciliation is a pointless and futile task. I can live with that,
but I'd like to try to explain my objective one more time before it gets
thrown out with the bath water. (On top of that, this topic is a bit
off for S/MIME -- but things are slow these days anyway.)
My basic premises are these:
1. There are a bunch of people who use ASN.1.
2. There are a bunch of other people who don't like ASN.1 because it is
very difficult to look at some ASN.1 code and figure out what the bits
on the wire will look like. (There may be many more people who don't
like ASN.1 for other reasons, but I'm not trying to deal with them
here.)
3. The people using ASN.1 would like to see their ASN.1-based protocols
widely adopted.
Given these premises (which weren't founded on any facts and may or may
not reflect any reality anywhere), it seems to me that if there were a
version of ASN.1 that was easier to interpret then the people in my
second premise would be happier and the goal in the third premise might
be more achievable.
It also seems to me that such an ASN.1 "lite" could be defined that
would still be standard ASN.1, especially if the PER rules were used.
So I'm not suggesting a Grand Unified Syntax that will bring peace to
the world. I'm not trying to replace ABNF or S-expressions or
whatever-your-favorite-protocol-definition-language-is. I'm just trying
to make ASN.1 easier to digest for people who haven't read X.whatever.
Or am I the only one who thinks it's a bit weird that the IETF is
pushing protocols defined in ASN.1 without having an RFC that explains
how to interpret them?
Marc
+------------------------------------------------------------------------+
Marc Branchaud \/
Chief PKI Architect /\CERT INTERNATIONAL
INC.
marcnarc(_at_)xcert(_dot_)com PKI References page:
www.xcert.com
604-640-6227 www.xcert.com/~marcnarc/PKI/
+------------------------------------------------------------------------+
PGP key fingerprint: 60 11 4B 9D 4E E5 2F 47 BD C5 C2 BF 26 DF 5A E1