[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Canonical form for signing S-expressions
Ron Rivest wrote:
>
>
> There needs to be a canonical form for signing S-expressions. That is,
> a way of interpreting an S-expression as a sequence of bytes to be fed
> into a hash function. This byte sequence does not need to be the same
> as the byte sequence used to transmit the S-expression, nor does it need
> to be the same as the memory layout of the S-expression. It should be
> easy to generate from whatever memory layout you use for S-expressions,
> and it should be compact, so as to keep the hashing efficient. (I note that
> the production of the canonical form byte-string can be done piecemeal, as
> most hash functions can take their input in chunks.)
>
> Given these requirements and considerations, I have heard no technical
> arguments against the following proposal, and I suggest we go with it.
> -- represent all byte strings "verbatim" as e.g.
> #3:abc
> with #,hexadecimal length,colon,byte-string
> (Using this format gives maximum efficiency for long byte strings.)
> -- represent lists with parentheses
> -- use no spaces to separate elements, and no fragmentation of
> byte strings.
>
> Example: The S-expression
> (a b (cd e fgh))
> has canonical form for signing
> (#1:a#1:b(#2:cd#1:e#3:fgh))
Seems to me that the # is redundant, and should, therefore, be left out.
Cheers,
Ben.
--
Ben Laurie Phone: +44 (181) 994 6435 Email: ben@algroup.co.uk
Freelance Consultant and Fax: +44 (181) 994 6472
Technical Director URL: http://www.algroup.co.uk/Apache-SSL
A.L. Digital Ltd, Apache Group member (http://www.apache.org)
London, England. Apache-SSL author
Follow-Ups:
References: