[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Photuris

To: ipsec@ans.net
Subject: Photuris
From: rivest@theory.lcs.mit.edu (Ron Rivest)
Date: Fri, 13 Oct 95 00:33:46 EDT


Page 11: Section 2.5 (Variable-Precision Numbers)

	You might also leave an "escape" for longer numbers.  I always
        worry about fixed upper bounds on the lengths of things.  In the
        case of Photuris, for example, a single such variable-length
        number is supposed to be able to contain a certificate chain.
	When everyone is done throwing everything they think they want
        in the certificates (e.g. explicit statements of certification
        policies translated into all languages), certificates might be
        a lot bigger than we expect, and we might overrun this limit with
	a long certificate chain.  (I hope not, but I see no reason to 
	needlessly restrict this here...)

	There are lots of standard techniques for handling such things
	(presumably ASN.1 DER has one such technique), or you could
	do something ad-hoc (reserve 0xFFFF to mean that the length
        is in the next four bytes, followed by the value, etc..)

Prev by Date: Photuris
Next by Date: Photuris
Prev by thread: Photuris
Next by thread: Photuris
Index(es):
- Main
- Thread