On Sunday, Oct 5, 2003, at 11:03 US/Eastern, Jonathan S. Shapiro wrote:
Peter:
I agree that ASN.1 is statically checkable, and that this is an important property.
However, ASN.1 is notoriously hard to parse, which leads to errors.
I take it you a saying that ASN.1 syntax is hard to parse? Having written two parsers (C & Java) I can say that ASN.1's DER encoding is in fact straightforward to parse correctly, provided that you don't underestimate the task *and* you create and use an 'exhaustive' test suite.
The problems with ASN.1 seem to stem more from its ISO heritage and dense specifications. That and the fact that a low-level bit-packing library isn't as glamorous as writing crypto and thus doesn't get as much scrutiny as other parts of protocol libraries.
-J
--------------------------------------------------------------------- The Cryptography Mailing List Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]
