[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: specification language?
Simon writes:-
>> How do folks feel about using Java as the specification language for
>> certificates?
>
>Java is a programming language, and it's data types are not very suitable
>for describing content encodings- even the java class file format isn't
>speced in java.
>
>better choices might be:
>
>1) something C like:
> typedef struct {
> string name;
> int version;
> public_key key;
> } certificate;
>
> typedef struct {
> int size;
> char data[size];
> } string;
In principle there is nothing wrong with using C for this, except that
C isn't very good at it. C deos not unambiguously define the sizes of its
data types not the byte ordering of its datums.
Having spent the past 24 hours on a bug due to 32/64 bit incompatibility in C
I'm none too keen on C lossage today. I don't see Java as being an improvement.
The big issues are can we canonicalize the data? do we need a special tool to
read the certs? Can we generate them without a complex processor?
These needs seem to take us down the road of an ASCII representation which is
very extensible. I see two possible candidates, we can try to hack arround with
RFC 822 headers or we can use s-expressions. I prefer the second (I think).
Certainly it would be an advantage to have a simple parse structure for the
certs so that they could be parsed and canonicalised in a simple one step
proceedure.
If we used LISP we could simply write out the expression into a stream as a
single line with no carriage returns and sign that.
Phill
Follow-Ups:
References: