What I'm asking is this: You accepted the "PGP community's"
requirement to hide the public key. However, someone from the
PGP community recently said DER is too complex and we should
encode the public key with the PGP method. But you did *not*
accept *this* requirement. Do you see what I'm asking? What
criteria were used to determine that hiding the public key is a
reasonable requirement, whereas using something simpler than DER
is not reasonable? Just saying "They wanted it" is not an
answer.

To everything that Ned has already said, let me say:

1. As I have said before, speaking personally, I do not accept the PGP
community's *requirement* to hide the public key. What I accept is
that if it is a tenable goal, then so be it. Otherwise I would kill
it in a heartbeat, notably because it has the look and feel of
security by obscurity.
2. As to the choice of ASN.1 encodings, PEM has always and will
continue to support certificates/CRLs. As such, there should always
be ASN.1 encoders and decoders available in an implementation.
Rather than requiring yet another encoding scheme (and yet another
interoperability point of failure) it seems more prudent to me to
re-use what is already available.
Jim