[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: encoding: SPKI vs. SDSI
> From: "Frank O'Dwyer" <firstname.lastname@example.org>
> Even if you constrain the generator, the receiver still must
> implement the checks since the data arrives 'flat'. That is
> if the second field is always supposed to be a string, then you
> still have to check that it is a string.
That is true of any transfer syntax. Even if certificates are
human-readable ASCII in which every field is a string, at some point
you have to check that the "Validity" string is a legitimate validity
specification, a "Signature" string can actually be verified as a
digital signature, etc.
Allowing the decoder to verify that the second field is a string
(instead of a date or an integer, for example) allows the checks to be
done at a lower level, in a uniform instead of a structure-specific
manner. From my POV, this is a huge advantage of using a strongly-typed