[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Binary vs. ASCII for certificates

To: spki@c2.org
Subject: Re: Binary vs. ASCII for certificates
From: Greg Rose <Greg_Rose@sydney.sterling.com>
Date: Mon, 26 Feb 96 10:19:24 +1000
In-Reply-To: Your message of Sun, 25 Feb 96 00:27:46 EST. <v02140b03ad5596c9965d@[204.254.34.231]>
Sender: owner-spki@c2.org

Carl M. Ellison <cme@cybercash.com> wrote:
  At 21:51 2/24/96, Ron Rivest wrote:
  >(4) One must be careful to define what bytes are actually "present" in an
  >    ASCII encoding, since the contents will be digitally signed.  The
  >    treatment of whitespace, etc., needs to be carefully specified.

  Yes -- this is very important.

I disagree. PGP itself has a lesson for us here.
Make the transport layer ASCII, and easily
(lexically and syntactically) parsed, then
transform it into a defined binary structure
upon which the signature can be checked.
Actually that structure can be ASCII too, but the point is
to recognise it using some of the smarts we have
left over from compiler theory and compile
something which is rigorously defined.

For example, it would be relatively easy to do a
yacc grammar to recognise Carl's examples. If I
had a few more hours to spare, I'd do it, and I
will if the consensus settles a bit.

Greg.

Greg Rose               INTERNET: greg_rose@sydney.sterling.com  
Sterling Software       VOICE:  +61-2-9975 4777    FAX:  +61-2-9975 2921
28 Rodborough Rd.       http://www.sydney.sterling.com:8080/~ggr/
French's Forest         35 0A 79 7D 5E 21 8D 47  E3 53 75 66 AC FB D9 45
NSW 2086 Australia.     co-mod sci.crypt.research, USENIX Director.

References:

Re: Binary vs. ASCII for certificates

From: cme@cybercash.com (Carl Ellison)

Prev by Date: Re: encodings: do we need binary at all?
Next by Date: Re: going back to stone axes
Prev by thread: Re: Binary vs. ASCII for certificates
Next by thread: Re: Binary vs. ASCII for certificates
Index(es):
- Main
- Thread