[Cryptography] Is ASN.1 still the thing?

[John-Mark Gurney]

James A. Donald wrote this message on Mon, Nov 13, 2017 at 13:11 +1000:

> Do JSON, Yaml, or protobuff allow representing data format in ways that 
> give a unique and well defined checksum, that will not be affected by 
> endianess or compiler options?

JSON does not have a formal encoding that allows it, but there is
JCS (JSON Cleartext Signature) that has a well defined encoding.

I have not looked at YAML or protobuff.

> Cryptographers specify data formats are in ASN.1 because that way you 
> can get a unique hash or checksum of the data, regardless of which 
> compiler you are using, and whether your machine is big endian or little 
> endian.

DER encoding, not just ASN.1.

> But these days everyone seems to be using JSON to represent data in 
> transit, because that is the language of the web and of node.js, or 
> YAML, which is JSON polished up to support more kinds of data and to 
> actually be genuinely human readable, or protobuff, because people who 
> write in C++ despise the horrible inefficiency of translating data to 
> and from ascii representation.
> 
> ASN.1 provides canonical format so that you can hash it or checksum it, 
> ultra efficient binary format for C and C++ purists, and supposedly 
> human readable format, though its human readable format is not 
> particularly human readable.  You are a lot better off with YAML if, as 
> in ini files, you want human readability.

P.S. Don't reply to a random email.  It causes weird threading, and people
may mark an entire thread as read, and miss your message this was.

-- 
  John-Mark Gurney				Voice: +1 415 225 5579

     "All that I will do, has been done, All that I have, has not."