[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: specification language?

On Thu, 7 Mar 1996, Andy Brown wrote:
> So, we must first decide what purpose these PK certificates are to
> serve and then decide what mandatory information they must carry in
> order to serve those purposes, then what optional information they
> may carry in order to enhance their utility.  Then, and only then,
> is it time to start arguing about how to write it down formally.

I think the answer to this question will have a lot in common with the 
answer to 'why not just use X.509?'. 

I also think that a lot of useful answrs can be drawn from the experience 
of LDAP (things like flatening names into an ascii string, instead of 
X.500 plain and simples nested sequence of sets of sets of sequences of 
[silo overflow]... 

Taking X.509 and flatenning some of the most egregious levels of 
hierarchy could go a long way to getting things started, even if it just 
suggests some of the data types to use. 

I would argue against changing the contents of the certificate just to 
make a particular coding scheme easier or harder, especially ASCII - 
nobody is going to be typing these things by hand (if you're planning to 
type in base64representations of your public key, then under no 
circumstances should you ever be allowed to communicate with humans!


They say in  online country             So which side are you on boys
There is no middle way                  Which side are you on
You'll either be a Usenet man           Which side are you on boys
Or a thug for the CDA                   Which side are you on?
  National Union of Computer Operatives; Hackers, local 37   APL-CPIO