[Cryptography] Is ASN.1 still the thing?
James A. Donald
jamesd at echeque.com
Mon Nov 20 02:15:59 EST 2017
On 11/19/2017 5:57 AM, Bill Frantz wrote:
> It may be nonsense, but Carl Ellison was severely burned by this issue
> on a project before we started developing the SPKI spec. That
> experience, along with the large number of security flaws in ASN.1
> implementations, made him hate ASN.1. Since he was a principle author of
> SPKI, we followed his wish to avoid ASN.1 like the plague. That's the
> history.
I find that Apache Avro can do binary serialization to memory thus
making possible hardware and compiler independent hashes, and also has
RPC support in every major language, recently including node.js
javascript, for HTTP, TCP, and WebSockets.
So it looks like Apache Avro might well work. Definitely will work if
it lives up to its self description.
digressing onto a closely related issue (related in that the primary
application of global hashes is crypto currency and squaring Zooko's
triangle) - the big problem with spki is that while information wants to
be free, engineers want to be paid. And servers cost money. A
cryptocurrency system analogous to namecoin should be able to not only
provide name reservation, the fourth corner of Zooko's triangle, as it
does now, but also a mechanism to make nameservice widely available at a
fee, which does not yet seem to be happening with namecoin. One would
think a system based on bitcoin could pay engineers. Is this happening?
---
This email has been checked for viruses by Avast antivirus software.
https://www.avast.com/antivirus
More information about the cryptography
mailing list