[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: encoding: SPKI vs. SDSI

> From: "Frank O'Dwyer" <fod@brd.ie>
> Even if you constrain the generator, the receiver still must 
> implement the checks since the data arrives 'flat'. That is 
> if the second field is always supposed to be a string, then you 
> still have to check that it is a string.

That is true of any transfer syntax.  Even if certificates are
human-readable ASCII in which every field is a string, at some point
you have to check that the "Validity" string is a legitimate validity
specification, a "Signature" string can actually be verified as a
digital signature, etc.

Allowing the decoder to verify that the second field is a string
(instead of a date or an integer, for example) allows the checks to be
done at a lower level, in a uniform instead of a structure-specific
manner.  From my POV, this is a huge advantage of using a strongly-typed
transfer syntax.