[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

<cert> versus <sequence>

To: spki@c2.net
Subject: <cert> versus <sequence>
From: "William Allen Simpson" <wsimpson@greendragon.com>
Date: Wed, 27 Aug 97 13:54:59 GMT
Sender: owner-spki@c2.net

In considering the comments of Markku-Juhani Saarinen <mjos@ssh.fi>, and
trying to reduce the bloated SDSI BNF late last night, I have suddenly
realized that a large part of the confusion is the use of <cert> and
<sequence>.

A certificate without a signature is meaningless.

The certificate reduction does not mention signatures.

The signatures have a principal.

Why would an issuer principal be different from a signature principal?

Why would we repeatedly duplicate the same principal several times in
the same certificate/sequence/whatever?

Also, the use of rsa-pkcs1-md5 as a public-key label is confusing.
That's a signature, not a principal.  A public-key would just be "rsa".
I assume that you just used the same label for convenience.  But it
should be self documenting, and thus different labels are needed.

Likewise, <hash> is a signature form, not a public-key.

After all, the issuer chooses to use the hash-of-key to identify itself,
and there is no real reason that the hashing algorithm needs to be
disclosed.  There is no translation between <hash-of-key> and
<public-key> in the reduction rules.  They have to match exactly.

So, we can get rid of the labels "issuer" and "subject" entirely, and
revert to positional parameters.  And rename <cert> to <header> or
something meaningful.

<header>:: "(" "spki1" <issuer> <subject> ... ")" ;

<issuer>:: <principal> ;

<principal>:: <hash-of-key> | <public-key> ;

<hash-of-key>:: <byte-string>;

<public-key>:: "(" <pk-descriptor> ")";

<pk-descriptor>:: <pk-rsa> | <pk-dss> | <pk-elgamal>;

<pk-rsa>:: "rsa" <byte-string> <byte-string> <display-hint>?;

Visual examples:
( spki1 #12345678# #87654321# ... )

( spki1 (rsa #3# |123456789===|) (rsa #5# |987654321===|) ... )

Note that I moved the display hint down to the level at which it
matters.  It could be (display rsa (e %d) (n %s)) as you like.  But
there is just no reason to put the display information and deeply nested
parenthesis into every certificate or make it part of the canonical
textual format!

( spki1 (rsa (e #3#) (n |123456789===|)) ... )

WSimpson@UMich.edu
    Key fingerprint =  17 40 5E 67 15 6F 31 26  DD 0D B9 9B 6A 15 2C 32
BSimpson@MorningStar.com
    Key fingerprint =  2E 07 23 03 C5 62 70 D3  59 B1 4F 5E 1D C2 C1 A2

Prev by Date: Re: comments on "shrinkwrap"
Next by Date: Re: comments on "shrinkwrap"
Prev by thread: Re: comments on "shrinkwrap"
Next by thread: Re: <cert> versus <sequence>
Index(es):
- Main
- Thread