[Cryptography] [FORGED] Re: Is ASN.1 still the thing?

Erwann ABALEA erwann at abalea.com
Wed Nov 15 15:52:13 EST 2017


2017-11-15 18:10 GMT+01:00 Nico Williams <nico at cryptonector.com>:

> On Wed, Nov 15, 2017 at 08:53:16AM +0000, Erwann ABALEA wrote:
> > > By using extensibility markers.  Which Protocol Buffers.. does not
> have.
> >
> > Correct. Or by declaring the module as EXTENSIBILITY IMPLIED, or simply
> by
> > using BER/DER (where extensibility is implied in the deciding phase even
> if
> > the module doesn't declare it).
>
> Mind you, just using BER/DER/CER is not sufficient, since a decoder is
> free to produce an error when it sees unexpected SEQUENCE fields.  And
> for CHOICEs and SETs the extensibility markers are even more important.
>

A decoder doing that wouldn't be compliant. X.690 Clause 8.1.1.4 forbids it.

8.1.1.4 Encodings specified in this Recommendation | International Standard
are not affected by either the ASN.1 subtype notation or the ASN.1 type
extensibility notation.
  NOTE – This means that all constraint notation is ignored when
determining encodings, and all extensibility markers in CHOICE, SEQUENCE
and SET are ignored, with the extensions treated as if they were in the
extension root of the type.


The clause is present (without the NOTE) in the 1997 edition of the
standard.

-- 
Erwann.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.metzdowd.com/pipermail/cryptography/attachments/20171115/94c9efb5/attachment.html>


More information about the cryptography mailing list