
bugs in the BNF?



-----BEGIN PGP SIGNED MESSAGE-----

At 08:28 AM 8/28/97 GMT, William Allen Simpson wrote:
>Any kind of certificate without a signature doesn't make any sense.

Of course a cert without a signature doesn't make sense.  It does make 
sense, however, to build and hash a cert body as one operation and to form a 
signature from that hash as a second, independent operation.  Among other 
things, you might have a signature blinding operation in the middle.

>> > The <sequence> is a set of signatures (and other cruft) on a single
>> > certificate.
>>
>> Nope. It may contain any number of certificates, preferably forming a
>> chain.
>>
>>    <sequence>:: "(" "sequence" <seq-ent>* ")" ;
>>    <seq-ent>:: <cert> | <pub-key> | <signature> | <op> ;
>>
>Another bug in the BNF.  Note that a sequence can somehow form a list of
>signatures and ops without any keys or certs.  I'll propose a
>replacement later today.
>
>Please don't blame me for bugs in someone else's draft.

Pardon me, but these aren't bugs.  They are intentional.  The fact that a 
cert doesn't become a 5-tuple without a valid signature shouldn't show up in 
the BNF.  That's a part of the logic of the verification code.  Perhaps I 
need to spell that out more clearly in that section, but it doesn't belong 
in the BNF.  The same applies to the other operations in a (sequence...).
That is, you have to have all the public keys which certs refer to only
by hash and you have to have a full chain of certs which reduce properly.
If you think of a (sequence...) as a program, it's possible to write
incorrect programs.  I can't imagine how to write the BNF for a language
which can produce only correct programs.

 - Carl


-----BEGIN PGP SIGNATURE-----
Version: PGP for Personal Privacy 5.0
Charset: noconv

-----END PGP SIGNATURE-----


+------------------------------------------------------------------+
|Carl M. Ellison  cme@cybercash.com   http://www.clark.net/pub/cme |
|CyberCash, Inc.                      http://www.cybercash.com/    |
|207 Grindall Street   PGP 2.6.2: 61E2DE7FCB9D7984E9C8048BA63221A2 |
|Baltimore MD 21230-4103  T:(410) 727-4288  F:(410)727-4293        |
+------------------------------------------------------------------+
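
The split argued in the message above, between what the BNF accepts and what verification code must reject, shown as an added Python example (not code from the draft under discussion or from either poster). The tag spellings, the entry shapes `(pub-key <id>)`, `(cert <name> <issuer-key>)`, `(signature <signer-key>)`, and all function names are assumptions made for illustration; no cryptographic signature is verified, and the verifier is assumed to hold no keys beyond those in the sequence.

```python
import re

KINDS = {"cert", "pub-key", "signature", "op"}  # the four <seq-ent> alternatives
SAMPLE = "(sequence (signature k1) (op hash) (signature k2))"  # constructed input

def parse(text):
    """Read one S-expression into nested lists of atom strings."""
    tokens = re.findall(r"[()]|[^\s()]+", text) + [None]  # None marks end of input
    def expr(pos):
        if tokens[pos] in (")", None):
            raise ValueError("malformed S-expression")
        if tokens[pos] != "(":
            return tokens[pos], pos + 1
        items, pos = [], pos + 1
        while tokens[pos] != ")":
            item, pos = expr(pos)  # raises at end of input if ')' is missing
            items.append(item)
        return items, pos + 1
    tree, end = expr(0)
    if tokens[end] is not None:
        raise ValueError("trailing input")
    return tree

def parse_sequence(text):
    """Grammar check only: '(' 'sequence' <seq-ent>* ')'."""
    tree = parse(text)
    if not isinstance(tree, list) or tree[:1] != ["sequence"]:
        raise ValueError("not a (sequence ...)")
    for ent in tree[1:]:
        if not (isinstance(ent, list) and ent and ent[0] in KINDS):
            raise ValueError(f"not a <seq-ent>: {ent!r}")
    return tree[1:]

def check(entries):
    """Verifier-side checks on a grammatical sequence; returns error strings."""
    keys = {e[1] for e in entries if e[0] == "pub-key"}
    errors, pending = [], None  # pending: cert still waiting for its signature
    for kind, *args in entries + [["end"]]:
        if kind in ("cert", "end") and pending:
            errors.append(f"{pending[0]}: no signature, so no 5-tuple")
        if kind == "cert":  # assumed shape: (cert <name> <issuer-key>)
            if args[1] not in keys:
                errors.append(f"{args[0]}: issuer key {args[1]} not in sequence")
            pending = args
        elif kind == "signature":  # assumed shape: (signature <signer-key>)
            if pending is None:
                errors.append("signature: no cert to sign")
            pending = None
    return errors
```

`SAMPLE` is the case raised in the quoted text: it parses, because the grammar permits it, and `check` is where it fails.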

