Consider the following construct:
Foo ::= SEQUENCE {
bar BarType OPTIONAL }
BarType ::= SEQUENCE OF OCTET STRING
The argument is that two possible encodings result if there is no value for
BarType:
1) no encoding for bar,
2) encode bar as a SEQUENCE of zero length.
Proponents of number 2 make two arguments in support:
Argument #1 - There is no language restraining such an interpretation.
Argument #2 - Clauses 15 and 17 of X.209. (see also 14 and 16)
SOAPBOX BEGIN
It is apparent to me that clauses 15 and 17 are restricted to
discussion of
encoding
the inner contents of the SEQUENCE, e.g. you already have decided to
encode
a SEQUENCE and now want to know what to do with the data. I assert
that in
the
above example you have decided not to encode the SEQUENCE and that the
clauses
do not apply. (This is probably a personal blind spot of mine ..)
SOAPBOX END
An interesting thought experiment came to me while driving home - replace the
SEQUENCE with another value; an INTEGER yielding:
BarType ::= INTEGER
A) Does anyone support an argument that an INTEGER of zero length is allowed
here ?
If the answer is yes then I forced to examine the following assertions:
1) X.209 is defective in that it doesn't make clear the use of the keyword
OPTIONAL
and doesn't address the issue of missing v. empty encodings.
2) DER is defective in that it doesn't recognize that two possible encodings
can arise
from specification of an OPTIONAL element and make restriction to a single
encoding.
3) Major portions of X.400, X.500, and other protocol specifications which
depend
on the canonical encoding of data to support digital signatures are defective
because
they use OPTIONAL instead of OPTIONAL DEFAULT {}.
If the answer to question A) is no, then I assert that it should apply to all
types. This
results in a single encoding for variants of OPTIONAL data and obviates
discussion of
the three assertions above.
John
PS: I will continue to make mine absent for the purposes of signing...