[Cryptography] Is ASN.1 still the thing?
James A. Donald
jamesd at echeque.com
Sun Nov 26 23:34:57 EST 2017
One of the reasons we have far too many serialization protocols is that
we don't need a serialization protocol at all. We don't want to
serialize arbitrary data, because the whole point of serializing data is
so that someone else can deserialize that data. And he does not want to
deserialize arbitrary data. He wants to deserialize particular message
types known in advance.
So, a serialization protocol needs to be part of, and an afterthought
to, a message type negotiation that occurs when forming a connection,
the sockets and protocol negotiation when forming a connection. The two
ends need to agree on a set of known message types that cannot represent
arbitrary data, but can only represent a small set of object types known
in advance to both ends at compile time.
---
This email has been checked for viruses by Avast antivirus software.
https://www.avast.com/antivirus
More information about the cryptography
mailing list