[warlord@mit.edu: Re: Canonical form for signing S-expressions]

[rivest@theory.lcs.mit.edu (Ron Rivest)]

It is easy to fix Barrett's proposal so that it works for SDSI/SPKI

We use:
	len{...}	only for strings (8-bit chars)
	len[...]	for display-hints for the following string
	len(...)	for lists
In all cases the length is the length inside the braces/brackets/parens
in bytes.

	27(1{a}1{b}15(2{cd}1[e]3{fgh}))

means

	(a b c (cd [e]fgh))

Ron Rivest
==============================================================================
Return-Path: <owner-spki@c2.net>
X-Authentication-Warning: blacklodge.c2.net: majordom set sender to owner-spki@c2.org using -f
To: Alan Barrett <apb@iafrica.com>
Cc: spki@c2.net
Subject: Re: Canonical form for signing S-expressions
References: <Pine.NEB.3.95.970414191015.17551K-100000@apb.iafrica.com>
From: Derek Atkins <warlord@mit.edu>
Date: 14 Apr 1997 14:37:42 -0400
In-Reply-To: Alan Barrett's message of Mon, 14 Apr 1997 19:36:41 +0200 (GMT+0200)
Lines: 38
Sender: owner-spki@c2.net
Precedence: bulk

The only problem with this is that you now have an ambiguous recursion
problem.  How do you know when:
	30:(1:a,1:b,16:(2:cd,1:e,3:fgh),),

means
	'((1:a,1:b,16:(2:cd,1:e,3:fgh),))
or
	(a b (cd e fgh)

Both of these would encode to the same notation in your example.

-derek

Alan Barrett <apb@iafrica.com> writes:

> For on-the-wire encoding, there might be some advantage to pre-declaring
> the length of each parenthesised group (in the hopes of making memory
> allocation easier), something like this: 
> 
> 	(a b (cd e fgh)) 
> 	30:(1:a,1:b,16:(2:cd,1:e,3:fgh),),
> 
> Although the canonical form for signature does not need to be the same
> as an on-the-wire form, it seems to me that making them the same would
> be convenient from a code-sharing point of view.
> 
> I don't have strong opinions on decimal versus hex, but I do like the
> robustness and legibility that are added by having a comma after the end
> of the counted string in Dan Bernstein's netstrings proposal. 
> 
> --apb (Alan Barrett)
> 

-- 
       Derek Atkins, SB '93 MIT EE, SM '95 MIT Media Laboratory
       Member, MIT Student Information Processing Board  (SIPB)
       URL: http://web.mit.edu/warlord/      PP-ASEL      N1NWH
       warlord@MIT.EDU                        PGP key available

---

• Prev by Date: Re: Canonical form for signing S-expressions
• Next by Date: Re: Multi-Tag-Cert Tag Creation and Validation
• Prev by thread: canonical form for S-expressions / binary form
• Next by thread: public domain SHA-1?
• Index(es):
  • Main
  • Thread