Re: certificate translation

[dpkemp@missi.ncsc.mil (David P. Kemp)]

> From: Carl Ellison <cme@cybercash.com>
> 
> A real example:
> 
> We can make 5-tuples from any kind of certificate, including X.509v3.  
> However, one leading set of ASN.1 code for parsing X.509v3 takes, in minimum 
> memory form, over 300KB of code.  It might be good to have a specialist 
> server tie up that memory and translate such certs into 5-tuples which are 
> then transmitted to the 5-tuple caches of those who want the work saved.

Another real example:

One other set of ASN.1 code for parsing X.509v3 certs is 42K bytes of
SPARC object code, of which 20KB is the actual BER/X.509 parser/decoder,
15KB is a much-larger-than-necessary OID dictionary, and 7KB is the main
program to read the cert, decode it, and display it.  If you just want
X.509v3 to 5-tuple conversion, you should be able to do it in an order-of-
magnitude less memory than 300KB.

---

Follow-Ups:

• Re: certificate translation
• From: Carl Ellison <cme@cybercash.com>

---

• Prev by Date: Re: Java programs, etc.
• Next by Date: Re: binary vs. S-expressions
• Prev by thread: certificate translation
• Next by thread: Re: certificate translation
• Index(es):
  • Main
  • Thread