[Cryptography] Is ASN.1 still the thing?

[Florian Weimer]

* Peter Gutmann:

> ASN.1 has a lot of design-by-committee junk in it (the date format, for
> example), but BER and DER are pretty clean.

What I find very hard, as someone who has never been formally trained
in the ASN.1 arts, is going from a specification like this:

   Certificate  ::=  SEQUENCE  {
        tbsCertificate       TBSCertificate,
        signatureAlgorithm   AlgorithmIdentifier,
        signatureValue       BIT STRING  }

   TBSCertificate  ::=  SEQUENCE  {
        version         [0]  EXPLICIT Version DEFAULT v1,
        serialNumber         CertificateSerialNumber,
        signature            AlgorithmIdentifier,
        issuer               Name,
        validity             Validity,
        subject              Name,
        subjectPublicKeyInfo SubjectPublicKeyInfo,
        issuerUniqueID  [1]  IMPLICIT UniqueIdentifier OPTIONAL,
                             -- If present, version MUST be v2 or v3
        subjectUniqueID [2]  IMPLICIT UniqueIdentifier OPTIONAL,
                             -- If present, version MUST be v2 or v3
        extensions      [3]  EXPLICIT Extensions OPTIONAL
                             -- If present, version MUST be v3
        }

to the BER/DER encoding.  The problem is this:

        version         [0]  EXPLICIT Version DEFAULT v1,

which has a funny impact on the encoding, which turns out rather
irregular at this point.  The reset is pretty boring TLV stuff and
easy to implement, but I never found a specification of what
*actually* happens here.  If it's described in X.690 (07/2002), I
really don't see it.