[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: specification language?
On Thu, 7 Mar 1996, Andy Brown wrote:
>
> So, we must first decide what purpose these PK certificates are to
> serve and then decide what mandatory information they must carry in
> order to serve those purposes, then what optional information they
> may carry in order to enhance their utility. Then, and only then,
> is it time to start arguing about how to write it down formally.
I think the answer to this question will have a lot in common with the
answer to 'why not just use X.509?'.
I also think that a lot of useful answrs can be drawn from the experience
of LDAP (things like flatening names into an ascii string, instead of
X.500 plain and simples nested sequence of sets of sets of sequences of
[silo overflow]...
Taking X.509 and flatenning some of the most egregious levels of
hierarchy could go a long way to getting things started, even if it just
suggests some of the data types to use.
I would argue against changing the contents of the certificate just to
make a particular coding scheme easier or harder, especially ASCII -
nobody is going to be typing these things by hand (if you're planning to
type in base64representations of your public key, then under no
circumstances should you ever be allowed to communicate with humans!
Simon
---
They say in online country So which side are you on boys
There is no middle way Which side are you on
You'll either be a Usenet man Which side are you on boys
Or a thug for the CDA Which side are you on?
National Union of Computer Operatives; Hackers, local 37 APL-CPIO
References: