[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Binary vs. ASCII for certificates
Carl M. Ellison <email@example.com> wrote:
At 21:51 2/24/96, Ron Rivest wrote:
>(4) One must be careful to define what bytes are actually "present" in an
> ASCII encoding, since the contents will be digitally signed. The
> treatment of whitespace, etc., needs to be carefully specified.
Yes -- this is very important.
I disagree. PGP itself has a lesson for us here.
Make the transport layer ASCII, and easily
(lexically and syntactically) parsed, then
transform it into a defined binary structure
upon which the signature can be checked.
Actually that structure can be ASCII too, but the point is
to recognise it using some of the smarts we have
left over from compiler theory and compile
something which is rigorously defined.
For example, it would be relatively easy to do a
yacc grammar to recognise Carl's examples. If I
had a few more hours to spare, I'd do it, and I
will if the consensus settles a bit.
Greg Rose INTERNET: firstname.lastname@example.org
Sterling Software VOICE: +61-2-9975 4777 FAX: +61-2-9975 2921
28 Rodborough Rd. http://www.sydney.sterling.com:8080/~ggr/
French's Forest 35 0A 79 7D 5E 21 8D 47 E3 53 75 66 AC FB D9 45
NSW 2086 Australia. co-mod sci.crypt.research, USENIX Director.