[Cryptography] RSA recommends against use of its own products.

Jerry Leichter leichter at lrw.com
Sun Sep 29 09:13:41 EDT 2013


On Sep 26, 2013, at 7:54 PM, Phillip Hallam-Baker wrote:
> ...[W]ho on earth thought DER encoding was necessary or anything other than incredible stupidity?...
It's standard.  :-)

We've been through two rounds of standard data interchange representations:

1.  Network connections are slow, memory is limited and expensive, we can't afford any extra overhead.  Hence DER.
2.  Network connections are fast, memory is cheap, we don't have to worry about them - toss in every last feature anyone could possibly want.  Hence XML.

Starting from opposite extremes, committees of standards experts managed to produce results that are too complex and too difficult for anyone to get right - and which in cryptographic contexts manage to share the same problem of multiple representations that make signing such a joy.

BTW, the *idea* behind DER isn't inherently bad - but the way it ended up is another story.  For a comparison, look at the encodings Knuth came up with in the TeX world.  Both dvi and pk files are extremely compact binary representations - but correct encoders and decoders for them are plentiful.  (And it's not as if the Internet world hasn't come up with complex, difficult encodings when the need arose - see IDNA.)

                                                        -- Jerry
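The multiple-representations problem mentioned in the message above, shown for an ASN.1 INTEGER. This is an added example, not part of the original post. The function names are hypothetical and the sample bytes are constructed. A lenient BER-style reader accepts three different byte strings for the value 5, each with a different SHA-256 digest, while a strict DER check accepts only one.

```python
import hashlib

def read_tlv(buf):
    """Lenient BER-style read of one definite-length TLV: (tag, value, length octets)."""
    if len(buf) < 2:
        raise ValueError("truncated")
    tag, first = buf[0], buf[1]
    if first < 0x80:                       # short form
        length, hdr = first, 2
    else:                                  # long form: low 7 bits count the length octets
        n = first & 0x7F
        if n == 0 or len(buf) < 2 + n:
            raise ValueError("indefinite or truncated length")
        length, hdr = int.from_bytes(buf[2:2 + n], "big"), 2 + n
    if len(buf) != hdr + length:
        raise ValueError("length mismatch")
    return tag, buf[hdr:], buf[1:hdr]

def decode_integer(buf):
    """What a permissive parser hands to the application."""
    tag, value, _ = read_tlv(buf)
    if tag != 0x02 or not value:
        raise ValueError("not an INTEGER")
    return int.from_bytes(value, "big", signed=True)

def is_der_integer(buf):
    """True only for the single canonical (DER) encoding of the value."""
    try:
        tag, value, len_octets = read_tlv(buf)
    except ValueError:
        return False
    if tag != 0x02 or not value:
        return False
    n = len(value)
    if n < 0x80:
        minimal = bytes([n])
    else:
        body = n.to_bytes((n.bit_length() + 7) // 8, "big")
        minimal = bytes([0x80 | len(body)]) + body
    if len_octets != minimal:              # length not in its shortest form
        return False
    if n > 1 and ((value[0] == 0x00 and value[1] < 0x80) or
                  (value[0] == 0xFF and value[1] >= 0x80)):
        return False                       # redundant leading sign octet
    return True

# Constructed samples: three byte strings that all decode to INTEGER 5.
SAMPLES = [bytes.fromhex(h) for h in ("020105", "02810105", "02020005")]

def sha256_of(buf):
    return hashlib.sha256(buf).hexdigest()
```

A signature is computed over bytes, not over the decoded value, so a verifier that parses leniently and then re-encodes or compares values can treat inputs as equal that the signer never signed.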



