
SDSI syntax

SDSI's objects are basically either octet-strings, or lists of octet
strings.  The canonicalization procedure converts an arbitrary SDSI
object into an octet string, using a fixed set of rules.  (Octet
strings are represented as length:value, and lists are represented
with parenthesization.)  So you need a hash algorithm that maps octet
strings to hash values.  Most hash algorithms are already defined this
way, so there is no definitional problem; the efficiency questions
come up in the choice of hash algorithm, if the algorithm favors one
end or another...


Return-Path: <frantz@netcom.com>
X-Sender: frantz@netcom9.netcom.com
Mime-Version: 1.0
Date: Tue, 30 Apr 1996 23:44:28 -0700
To: rivest@theory.lcs.mit.edu (Ron Rivest), spki@c2.org
From: frantz@netcom.com (Bill Frantz)
Subject: Re: [hallam@w3.org: Re: [ses@tipper.oit.unc.edu: Re: SDSI syntax]  ]

At  2:18 PM 4/30/96 -0400, Ron Rivest wrote:
>Phill Hallam-Baker suggests that one should sign a "canonical" form
>of an object.  I fully agree.  Which form it is doesn't matter too much.
>The SDSI paper proposes representing all octet-strings in verbatim form,
>and then hashing that.  I think it is best if the quantity to be hashed
>is easily derivable from the INTERNAL representation; then the EXTERNAL
>(ASCII) representation can be redefined to suit one's taste or needs.

Do we run the risk of needing to decide byte sex issues (AKA bigendian vs.
littleendian)?  Or does everything we are interested in hash the same on
both kinds of machines?  (I assume there are no machines that have 60 bit
words, 7 bit characters etc. of interest anymore.)

Bill Frantz       | The CDA means  | Periwinkle  --  Computer Consulting
(408)356-8506     | lost jobs and  | 16345 Englewood Ave.
frantz@netcom.com | dead teenagers | Los Gatos, CA 95032, USA
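
The canonicalization described in the reply at the top of this message (octet strings as length:value, lists in parentheses, then a hash over the resulting octets), as an added example that is not code from the SDSI paper or from either poster. It assumes a minimal decimal ASCII length prefix and uses SHA-256 as a stand-in hash; the function names and the sample object are constructed for illustration.

```python
import hashlib

def canonicalize(obj):
    """Encode bytes as b'<len>:<value>' and lists as b'(' + items + b')'."""
    if isinstance(obj, (bytes, bytearray)):
        return str(len(obj)).encode("ascii") + b":" + bytes(obj)
    if isinstance(obj, (list, tuple)):
        return b"(" + b"".join(canonicalize(x) for x in obj) + b")"
    raise TypeError("only octet strings and lists are encodable")

def parse(data, pos=0):
    """Decode one object starting at pos; return (object, next position)."""
    if data[pos:pos + 1] == b"(":
        pos += 1
        items = []
        while data[pos:pos + 1] != b")":
            if pos >= len(data):
                raise ValueError("unterminated list")
            item, pos = parse(data, pos)
            items.append(item)
        return items, pos + 1
    colon = data.find(b":", pos)
    digits = data[pos:colon] if colon != -1 else b""
    # Assumption: lengths are minimal decimal, so each object has one encoding.
    if not digits.isdigit() or (len(digits) > 1 and digits[:1] == b"0"):
        raise ValueError("bad or non-canonical length")
    end = colon + 1 + int(digits)
    if end > len(data):
        raise ValueError("truncated octet string")
    return data[colon + 1:end], end

def decode(data):
    """Decode a complete canonical encoding, rejecting trailing bytes."""
    obj, end = parse(data)
    if end != len(data):
        raise ValueError("trailing bytes")
    return obj

def object_hash(obj):
    """Hash the canonical octets (SHA-256 is this example's choice)."""
    return hashlib.sha256(canonicalize(obj)).hexdigest()

# Constructed sample. The encoding itself is byte-oriented, so it is the same
# on any machine; a multi-byte integer only needs its byte order fixed once,
# when it is turned into an octet string (big-endian here).
SAMPLE = [b"cert", [b"issuer", b"alice"], (0x01020304).to_bytes(4, "big")]
```
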