[Cryptography] Is ASN.1 still the thing?

[Bill Frantz]

On 11/15/17 at 12:11 AM, jamesd at echeque.com (James A. Donald) wrote:

>I rather think we do depend on repeatable canonical encoding - 
>I want separate code bases on separate machines to generate the 
>equivalent checksum for the same transaction, so that they will 
>know it is the same transaction, and the only value that I 
>derive from ASN.1 is canonical per, so that I can define a 
>canonical checksum for a data structure that is likely to be 
>internally different on different machines with different compilers.

Back when I was working the the Simple Public Key Infrastructure 
(SPKI) with the IETF, Carl Ellison had very strong complaints 
about ASN.1's signing protocols. He told me that to follow the 
standard, when you received a message, you broke it down into 
the native formats of your computer, and then re-encoded it 
before checking the signature. This procedure failed miserably 
when the two computers used different floating point formats: 
e.g. IBM 370 and IBM PC.

Cheers - Bill

---------------------------------------------------------------------------
Bill Frantz        | If you want total security, go to prison. 
There you're
408-356-8506       | fed, clothed, given medical care and so on. 
The only
www.pwpconsult.com | thing lacking is freedom. - Dwight D. Eisenhower