[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: certificate translation
> From: Carl Ellison <cme@cybercash.com>
>
> A real example:
>
> We can make 5-tuples from any kind of certificate, including X.509v3.
> However, one leading set of ASN.1 code for parsing X.509v3 takes, in minimum
> memory form, over 300KB of code. It might be good to have a specialist
> server tie up that memory and translate such certs into 5-tuples which are
> then transmitted to the 5-tuple caches of those who want the work saved.
Another real example:
One other set of ASN.1 code for parsing X.509v3 certs is 42K bytes of
SPARC object code, of which 20KB is the actual BER/X.509 parser/decoder,
15KB is a much-larger-than-necessary OID dictionary, and 7KB is the main
program to read the cert, decode it, and display it. If you just want
X.509v3 to 5-tuple conversion, you should be able to do it in an order-of-
magnitude less memory than 300KB.
Follow-Ups: