crypto for the average programmer
Travis H.
solinym at gmail.com
Wed Dec 14 12:10:51 EST 2005
On 12/14/05, Peter Gutmann <pgut001 at cs.auckland.ac.nz> wrote:
> I don't know if there's any site tracking this, but (as the tutorial says) you
> can either go with PKCS #1 (the de facto standard, easy to implement and
> widely used) ...
Actually, I'm embarassed to admit this but I've seen PKCS before but
never with enough context to know what it was; I thought it was some
kind of RSA proprietary mumbo-jumbo. But, oh dear, it involves ASN.1.
That rules out use by the layperson. I've run into ASN.1 before with
regard to SNMP, and it struck me as infinitely more complex than
anything I'd ever need to query packet counts on my router.
MIBs, subtype constraints, multiple sets of encoding rules, schemata?
Hopeless. The descriptions of ASN.1 I've seen are more complicated
than any cryptographic primitive I've ever run across. I'd trust an
ASN.1 codec library about as much as I'd trust a DCE/RPC codec, give
or take an order of magnitude.
I'm not trying to be excessively curmudgeonly today, but I have to
note that the top google hit for ASN.1 has a "list of myths about
ASN.1", of which the last two are true, a tutorial that begins with me
writing an ASN.1 specification with no guidance or introduction
whatsoever, and defines ASN.1 as "a formalism for the specification of
abstract data types". Oh, well that clears it up. Does it help me
adopt new paradigms of data representation in a dynamic, fast-paced
environment?
And with that, I'm out. :-P
--
http://www.lightconsulting.com/~travis/ -><- P=NP if (P=0 or N=1)
"My love for mathematics is like 1/x as x approaches 0."
GPG fingerprint: 50A1 15C5 A9DE 23B9 ED98 C93E 38E9 204A 94C2 641B
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com
More information about the cryptography
mailing list