[Cryptography] Is ASN.1 still the thing?

[James A. Donald]

On 11/19/2017 5:57 AM, Bill Frantz wrote:
> It may be nonsense, but Carl Ellison was severely burned by this issue 
> on a project before we started developing the SPKI spec. That 
> experience, along with the large number of security flaws in ASN.1 
> implementations, made him hate ASN.1. Since he was a principle author of 
> SPKI, we followed his wish to avoid ASN.1 like the plague. That's the 
> history.

I find that Apache Avro can do binary serialization to memory thus 
making possible hardware and compiler independent hashes, and also has 
RPC support in every major language, recently including node.js 
javascript, for HTTP, TCP, and WebSockets.

So it looks like Apache Avro might well work.  Definitely will work if 
it lives up to its self description.

digressing onto a closely related issue (related in that the primary 
application of global hashes is crypto currency and squaring Zooko's 
triangle) - the big problem with spki is that while information wants to 
be free, engineers want to be paid.  And servers cost money. A 
cryptocurrency system analogous to namecoin should be able to not only 
provide name reservation, the fourth corner of Zooko's triangle, as it 
does now, but also a mechanism to make nameservice widely available at a 
fee, which does not yet seem to be happening with namecoin.  One would 
think a system based on bitcoin could pay engineers. Is this happening?

---
This email has been checked for viruses by Avast antivirus software.
https://www.avast.com/antivirus