On 3/31/14 at 8:16 AM, [email protected] (Stephen Kent) wrote:
I agree that ASN.1 is complex, and if this were a new protocol, not tied to any
existing
ASN.1-based data structures, I would not select ASN.1 as a starting point. But
since we're
talking about data from a TBS cert,since the generators of the data are CAs
(who should
know how to process ASN.1), and since the consumers of the data are browsers
who already
process certs, it seems reasonable to stick with ASN.1.
On 3/31/14 at 8:19 AM, [email protected] (Salz, Rich) wrote:
Adding another encoding makes things more complex. Therefore, the simplest
thing to do is use ASN.1
It's like when you're editing someone else's source code: the
best thing to do is preserve the existing style.
On 3/31/14 at 8:28 AM, [email protected] (Ben Laurie) wrote:
As I just mention, its not actually another encoding - the data
structure can also (ideally should also) be sent as a TLS extension,
in which case ASN.1 is not the simplest thing to do.
Stephen, Rich and Ben make good points. It's too bad the
conclusions differ.
Cheers - Bill
--------------------------------------------------------------
Bill Frantz | There are now so many exceptions to the
408-356-8506 | Fourth Amendment that it operates only by
www.pwpconsult.com | accident. - William Hugh Murray
_______________________________________________
Trans mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/trans
