[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Canonical form for signing S-expressions
Ron Rivest <rivest@theory.lcs.mit.edu> said:
> There needs to be a canonical form for signing S-expressions.
Yes.
> Example: The S-expression
> (a b (cd e fgh))
> has canonical form for signing
> (#1:a#1:b(#2:cd#1:e#3:fgh))
See draft-bernstein-netstrings-02.txt for an alternative idea,
basically using <ASCII-decimal length><":"><binary stuff><",">
where you have <"#"><ASCII-hex length><":"><binary stuff>.
That way, if we keep the parentheses and just encode the atoms, your
example comes out as
(a b (cd e fgh))
(1:a,1:b,(2:cd,1:e,3:fgh))
For on-the-wire encoding, there might be some advantage to pre-declaring
the length of each parenthesised group (in the hopes of making memory
allocation easier), something like this:
(a b (cd e fgh))
30:(1:a,1:b,16:(2:cd,1:e,3:fgh),),
Although the canonical form for signature does not need to be the same
as an on-the-wire form, it seems to me that making them the same would
be convenient from a code-sharing point of view.
I don't have strong opinions on decimal versus hex, but I do like the
robustness and legibility that are added by having a comma after the end
of the counted string in Dan Bernstein's netstrings proposal.
--apb (Alan Barrett)
Follow-Ups:
References: