On 29/09/13 16:13 PM, Jerry Leichter wrote:
> On Sep 26, 2013, at 7:54 PM, Phillip Hallam-Baker wrote:
>> ...[W]ho on earth thought DER encoding was necessary or anything other than
> It's standard. :-)
>
> We've been through two rounds of standard data interchange representations:
>
> 1. Network connections are slow, memory is limited and expensive, we can't
> afford any extra overhead. Hence DER.
> 2. Network connections are fast, memory is cheap, we don't have to worry about
> them - toss in every last feature anyone could possibly want. Hence XML.
>
> Starting from opposite extremes, committees of standards experts managed to
> produce results that are too complex and too difficult for anyone to get right
> - and which in cryptographic contexts manage to share the same problem of
> multiple representations that make signing such a joy.
>
> BTW, the *idea* behind DER isn't inherently bad - but the way it ended up is
> another story. For a comparison, look at the encodings Knuth came up with in
> the TeX world. Both dvi and pk files are extremely compact binary
> representations - but correct encoders and decoders for them are plentiful.
> (And it's not as if the Internet world hasn't come up with complex, difficult
> encodings when the need arose - see IDNA.)

Experience suggests that asking a standards committee to do the encoding
format is a disaster.

I just looked at my code, which does something we call Wire, and it's
700 loc. Testing code is about a kloc I suppose. Writing reference
implementations is a piece of cake.

Why can't we just designate some big player to do it, and follow suit?
Why argue in committee?
The cryptography mailing list
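
Added example (not part of the original message, and not code from any poster): the "multiple representations" problem for signing, shown with BER's optional long-form lengths, which DER forbids when a shorter form exists. The function names and the three sample byte strings are constructed for illustration; the reader handles only single-octet tags and definite lengths.

```python
import hashlib

def read_tlv(buf: bytes, strict: bool) -> tuple[int, bytes]:
    """Read one primitive TLV; strict=True applies DER's minimal-length rule."""
    if len(buf) < 2:
        raise ValueError("truncated header")
    tag, first, pos = buf[0], buf[1], 2
    if first < 0x80:                      # short form: length fits in 7 bits
        length = first
    else:                                 # long form: next n octets hold the length
        n = first & 0x7F
        if n == 0:
            raise ValueError("indefinite length not handled here")
        if pos + n > len(buf):
            raise ValueError("truncated length")
        length = int.from_bytes(buf[pos:pos + n], "big")
        # DER: long form only when required, and without leading zero octets.
        if strict and (length < 0x80 or buf[pos] == 0):
            raise ValueError("non-minimal length (valid BER, not DER)")
        pos += n
    if pos + length != len(buf):
        raise ValueError("content length mismatch")
    return tag, buf[pos:]

# Constructed samples: INTEGER 5 with three BER-legal length encodings.
SAMPLES = [bytes.fromhex(h) for h in ("020105", "02810105", "0282000105")]

def survey(samples):
    """Per sample: (decoded value, accepted as DER?, SHA-256 of the raw bytes)."""
    rows = []
    for raw in samples:
        value = read_tlv(raw, strict=False)   # lenient BER view
        try:
            read_tlv(raw, strict=True)
            is_der = True
        except ValueError:
            is_der = False
        rows.append((value, is_der, hashlib.sha256(raw).hexdigest()))
    return rows

if __name__ == "__main__":
    for (tag, content), is_der, digest in survey(SAMPLES):
        print(f"tag={tag:#04x} content={content.hex()} der={is_der} sha256={digest[:16]}")
```

All three inputs decode to the same value under the lenient reader, yet each hashes differently, so a signature over one does not verify over the others; only the strict reader pins a single byte string per value.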