[Cryptography] Is ASN.1 still the thing?
Bill Frantz
frantz at pwpconsult.com
Sat Nov 18 14:57:08 EST 2017
On 11/17/17 at 1:02 PM, nico at cryptonector.com (Nico Williams) wrote:
>For security protocols this should be a non-issue though: we don't use
>real numbers. But someone said they were advised to stay away from
>ASN.1 because of this issue when designing SPKI -- that's just nonsense :/
It may be nonsense, but Carl Ellison was severely burned by this
issue on a project before we started developing the SPKI spec.
That experience, along with the large number of security flaws
in ASN.1 implementations, made him hate ASN.1. Since he was a
principle author of SPKI, we followed his wish to avoid ASN.1
like the plague. That's the history.
Cheers - Bill
-----------------------------------------------------------------------
Bill Frantz |The nice thing about standards| Periwinkle
(408)356-8506 |is there are so many to choose| 16345
Englewood Ave
www.pwpconsult.com |from. - Andrew Tanenbaum | Los Gatos,
CA 95032
More information about the cryptography
mailing list