[Cryptography] encoding formats should not be committee'ized

ianG iang at iang.org
Mon Sep 30 04:41:26 EDT 2013

On 29/09/13 16:13 PM, Jerry Leichter wrote:
> On Sep 26, 2013, at 7:54 PM, Phillip Hallam-Baker wrote:
>> ...[W]ho on earth thought DER encoding was necessary or anything other than incredible stupidity?...
> It's standard.  :-)
> We've been through two rounds of standard data interchange representations:
> 1.  Network connections are slow, memory is limited and expensive, we can't afford any extra overhead.  Hence DER.
> 2.  Network connections are fast, memory is cheap, we don't have to worry about them - toss in every last feature anyone could possibly want.  Hence XML.
> Starting from opposite extremes, committees of standards experts managed to produce results that are too complex and too difficult for anyone to get right - and which in cryptographic contexts manage to share the same problem of multiple representations that make signing such a joy.
> BTW, the *idea* behind DER isn't inherently bad - but the way it ended up is another story.  For a comparison, look at the encodings Knuth came up with in the TeX world.  Both dvi and pk files are extremely compact binary representations - but correct encoders and decoders for them are plentiful.  (And it's not as if the Internet world hasn't come up with complex, difficult encodings when the need arose - see IDNA.)

Experience suggests that asking a standards committee to do the encoding 
format is a disaster.

I just looked at my code, which does something we call Wire, and it's 
700 loc.  Testing code is about a kloc I suppose.  Writing reference 
implementations is a piece of cake.

Why can't we just designate some big player to do it, and follow suit? 
Why argue in committee?


More information about the cryptography mailing list