[Cryptography] encoding formats should not be committee'ized
iang at iang.org
Mon Sep 30 04:41:26 EDT 2013
On 29/09/13 16:13 PM, Jerry Leichter wrote:
> On Sep 26, 2013, at 7:54 PM, Phillip Hallam-Baker wrote:
>> ...[W]ho on earth thought DER encoding was necessary or anything other than incredible stupidity?...
> It's standard. :-)
> We've been through two rounds of standard data interchange representations:
> 1. Network connections are slow, memory is limited and expensive, we can't afford any extra overhead. Hence DER.
> 2. Network connections are fast, memory is cheap, we don't have to worry about them - toss in every last feature anyone could possibly want. Hence XML.
> Starting from opposite extremes, committees of standards experts managed to produce results that are too complex and too difficult for anyone to get right - and which in cryptographic contexts manage to share the same problem of multiple representations that make signing such a joy.
> BTW, the *idea* behind DER isn't inherently bad - but the way it ended up is another story. For a comparison, look at the encodings Knuth came up with in the TeX world. Both dvi and pk files are extremely compact binary representations - but correct encoders and decoders for them are plentiful. (And it's not as if the Internet world hasn't come up with complex, difficult encodings when the need arose - see IDNA.)
Experience suggests that asking a standards committee to do the encoding
format is a disaster.
I just looked at my code, which does something we call Wire, and it's
700 loc. Testing code is about a kloc I suppose. Writing reference
implementations is a piece of cake.
Why can't we just designate some big player to do it, and follow suit?
Why argue in committee?
More information about the cryptography