[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: (* reorder ...) comments
I've been trying to puzzle out what you mean, lacking the bandwidth of a
face-to-face exchange. I have concluded (perhaps incorrectly) that we
are miscommunicating because of the tangent that the work has veered
away into a world where everything is a parenthetic S-expression.
> From: Carl Ellison <email@example.com>
> At 05:24 PM 8/26/97 GMT, William Allen Simpson wrote:
> >However, it seemed to me in reading the list some time ago, that the
> >consensus was that any mandatory parameters would be positional, and any
> >optional parameters would trail with explicit names. That gives the
> >best of both worlds. Why wasn't that adopted?
> There's the problem that we don't have a way to distinguish between an
> S-expression whose object name is a data type (e.g., "key" vs. "hash") and
> one whose object name is a parameter name (e.g., "e", "n", etc. in an RSA
> key definition).
For one thing, there is no reason to have the parameter names for RSA.
They are always present, and they are never re-ordered:
(public-key rsa-pkcs1-md5 #03# |12121212121212=|)
Indeed, I don't see why you prefix "public-key" on the front of
"rsa-pkcs1-md5". There is no real semantic difference between a
public-key and a hash of the public-key. If we are going to support
arbitrary S-expression tags known only to the parties, then we might as
well start now:
(rsa-pkcs1-md5 #03# |12121212121212=|)
But, look at the hoops we are jumping thru just to specify an issuer.
It would be much simpler to have:
<issuer>:: "(" "issuer" <principal> <local-name>? <location>? ")" ;
<local-name>:: "(" "name" <byte-string> ")" ;
<location>:: "(" "location" <uri>* ")" ;
I don't see where the distinguishing "public-key" versus "hash" versus
"rsa-pkcs1-md5" would be a problem, as they are rather clearly different
than "name" and "location".
Heck, I don't see why we cannot toss "hash" altogether in this context,
( issuer #12345678# (location "ftp://greendragon.com/wsimpson") )
( issuer (rsa-pkcs1-md5 #03# |12121212121212=|)
That kind of thing would get rid of several of the optional BNF hanging
around the <cert>, and eliminate a fair number of near duplicate
Oh, yeah, and it would be a lot easier to convert to and from PGP....
Key fingerprint = 17 40 5E 67 15 6F 31 26 DD 0D B9 9B 6A 15 2C 32
Key fingerprint = 2E 07 23 03 C5 62 70 D3 59 B1 4F 5E 1D C2 C1 A2