[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: SDSI syntax

>The canonicalization procedure converts an arbitrary SDSI
>object into an octet string, using a fixed set of rules.  (Octet
>strings are represented as length:value, and lists are represented
>with parenthesization.) 

Are we likely to handle data sizes where length:value will become 
inconvenient? There is no real problem with a few KB but if we ended up
with blocks of several MB we might have problems. I can't think of any
such areas off hand but someone else might. References to objects should 
be via hash values so there should be no difficulty.

The main constraint from the systems point of view IMHO is that the
canonicalisation step be performable using a simple linear pass without
backtracking. IE we must not introduce any ASN.1 DER type nonsense.

In order to minimize IETF discussion it may be usefull for the paper to 
draw the canonicalisation rules together in an appendix. I looked for a section 
headed canonicalisation but didn't find one. Its odd how one changes mode from 
reading a paper in academic comment mode and in IETF mode.