[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: specification language?

>The big issues are can we canonicalize the data? do we need a special tool to 
>read the certs? Can we generate them without a complex processor? 
>These needs seem to take us down the road of an ASCII representation which is 
>very extensible. I see two possible candidates, we can try to hack arround 
with >RFC 822 headers or we can use s-expressions. I prefer the second (I 
>Certainly it would be an advantage to have a simple parse structure for the 
>certs so that they could be parsed and canonicalised in a simple one step 
>If we used LISP we could simply write out the expression into a stream as a 
>single line with no carriage returns and sign that.

I'll bite my tongue and merely make suggestion that some subset of ASN.1 would 
serve us well, as well as offering substantial compatibility for those 
applications which also need to handle X.509 certificates. (since we still 
don't know what problem it is we are trying to solve, we can neither confirm 
nor deny whther there would be applications that might need a foot in both 

But plain ASCII just isn't going to cut it outside of the US, UK, Australia, 
and New Zealand markets. Forget Canada and Mexico, and certainly Germany, 
France, and most of the rest of Europe, all of South America, most of Africa, 
and all of Asia. those languages require something very close to ASN.1 
BMPString (Unicode).

Of course, we are the Internet, so we can just say that anyone who refuses to 
use American English simply doesn't count -- they should be forced to, right?


Robert R. Jueneman
GTE Laboratories
40 Sylvan Road
Waltham, MA 02254

"The opinions expressed are my own, and may not 
reflect the official position of GTE, if any, on this subject."