RE: Objects and a configuration file

Mon, 25 Sep 2000 20:37:03 -0700 

From: Frank Balluffi <[EMAIL PROTECTED]>

frankb> 1. I can see lots of value in using a file (that maps an
frankb> object identifier's numeric representation to and from its
frankb> string representation) when decoding. I can't see much use
frankb> when encoding. Perhaps someone else can?

Depends on what you mean, but ciphers are identified through names
like "DES-EDE3-CBC3".  Those are "short names" for the algorithm
OIDs.  There are most probably other examples.  I'd look for OBJ_sn2
and OBJ_txt2 throughout the source to see how and where it's used.

frankb> 2. When possible, use an existing standard. RFC 2253's oid =
frankb> 1*DIGIT *("." 1*DIGIT) is probably the most common numeric
frankb> representation of an object identifier.

In objects.txt, what's been used is a part of the ASN.1 syntax:


   id-pkix-ocsp-basic     OBJECT IDENTIFIER ::= { id-pkix-ocsp 1 }
                                                  ^^^^^^^^^^^^^^

frankb> 3. RFC 2253's "short names" identify attribute types (i.e.,
frankb> attributeType = (ALPHA 1*keychar) / oid), not object identifiers.
frankb> I am not aware of any standard for short object identifier
frankb> names, nor do I see a whole lot of value in them.

I'm not sure I understand in what way an attribute types are very
different from other object identifiers from a technical point of
view.  I can fully understand the difference from a conceptual or
semantic point of view, but I see that as a different viewpoint.

-- 
Richard Levitte   \ Spannv�gen 38, II \ [EMAIL PROTECTED]
Chairman@Stacken   \ S-168 35  BROMMA  \ T: +46-8-26 52 47
Redakteur@Stacken   \      SWEDEN       \ or +46-709-50 36 10
Procurator Odiosus Ex Infernis                -- [EMAIL PROTECTED]
Member of the OpenSSL development team: http://www.openssl.org/
Software Engineer, Celo Communications: http://www.celocom.com/

Unsolicited commercial email is subject to an archival fee of $400.
See <http://www.stacken.kth.se/~levitte/mail/> for more info.
______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
Development Mailing List                       [EMAIL PROTECTED]
Automated List Manager                           [EMAIL PROTECTED]

Reply via email to