[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Canonical encoding for hash values

A concern was raised that one-pass hashing should be very easy to do,
and that the proposed SDSI canonical form might make this difficult,
because the length precedes the data in the verbatim encoding.

This is easy to fix, if it is really an issue.  Two approches come to mind:
	(1) Use the hex format for octet strings in canonical encodings,
            since it doesn't have a length field.
        (2) Break verbatim strings up into fragments of at most 4096 bytes
            each.  SDSI has a mechanism for fragmentation: follow each
            fragment but the last with a minus sign.
                     a- b- c   is the same as    abc
            For this purpose, every fragment but the last should have length
            exactly 4096 bytes.

I prefer the second alternative, since it is more compact.