The issue here is you have two proposals, one involves a breaking change, the other does not.
We both agree that the breaking change is useful. But here is the difference, I am saying that if you are going to make one breaking change, you have the opportunity to make more of them. The problem I see is the attempt to maintain backwards compatibility which in my view has absolutely no value whatsoever. If we wanted a more compact X.509 encoding, we could have used Packed Encoding Rules 30 years ago. There wasn't the demand then and there isn't demand now. Certificates just aren't big enough to justify the change even if it was going to work reliably. I am not going to be going off to fix my DER encoding to make sure it is completely canonical just to make this compression scheme work and I don't think anyone else will be doing that either. On Fri, Oct 10, 2025 at 8:05 AM Lijun Liao <[email protected]> wrote: > > > On 9. Oct 2025, at 19:59, Phillip Hallam-Baker <[email protected]> > wrote: > > If you are going to replace DER with CBOR, fine. DER is probably the > single biggest reason for hatred of ASN.1. The problem being you have to > encode nested variants. > > > Fine. So no further discussion is needed. > > > But that goes away if you are going to take a DER encoded certificate and > convert it to CBOR for 'compression'. Once you do that, you have to > reconstruct the original DER to validate the signature. And those of us who > know DER are saying that is an absolute horror show. > > The only way to efficiently encode DER is to write yourself a custom > buffer class that allows you to start at the end of the structure and work > backwards. And even then you have to sort sets. That isn't a problem for > most of the TLS world because most certificates come from special > snowflakes that have to get themselves $250K audits and such and nobody > really checks to see if the certs are really DER in any case. > > If you are trying to use CBOR to compress existing PKIX certs, every > relying party is going to have to do the ASN.1 DER encoding rules to > validate signatures. > > > Yes. The relying party needs to understand both C509 and ASN.1 DER > encoding rules to reconstruct the TBSCertificate for the signature > verification. This is the cost to have smaller transport size. > >
_______________________________________________ COSE mailing list -- [email protected] To unsubscribe send an email to [email protected]
