Re: SSL sans RSA

Niels Möller (nisse@lysator.liu.se)
23 Feb 1999 17:02:59 +0100

• Next message: C: "PKI and RADIUS"
• Previous message: K. M. Ellis: "PIII Security Bypassed (fwd)"
• In reply to: Mail System Internal Data: "DON'T DELETE THIS MESSAGE -- FOLDER INTERNAL DATA"
• Next in thread: Vin McLellan: "Re: SSL sans RSA"
• Reply: Vin McLellan: "Re: SSL sans RSA"
• Reply: Alex Alten: "Re: SSL sans RSA"

pgut001@cs.auckland.ac.nz (Peter Gutmann) writes:

> The problem isn't ASN.1, it's how it's used, or as the old saying goes, "The
> determined programmer can write FORTRAN in any language". ASN.1 is just
> another programming language, and like any language it's possible to write
> complete crap in it.

I guess you're right here.

> ASN.1, if used properly, is an extremely elegant and powerful
> notation for describing data formats.

I'm not so sure about this... I once tried to write a grammer for
ASN.1, for a LR parser generator. I.e., parsing the type descriptions,
not just the encoded data objects. I failed. I'm not even convinced
that ASN.1 is unambigous. I have heard that things like SNMP that uses
ASN.1 heavily uses a well defined subset of ASN.1, which should be
easier to parse.

> For opposite ends of the scale, compare things like PFX (described
> in http://www.cs.auckland.ac.nz/~pgut001/pubs/pfx.html)

I have a half-written PFX-parser. So far, it's the absolutely ugliest
standard I have tried to understand. *puke*

> PKCS #15 (which is a kind of tour de force of what you can do with
> ASN.1 if you know how to use it).

I haven't seen this one. What is it about?

/Niels

• Next message: C: "PKI and RADIUS"
• Previous message: K. M. Ellis: "PIII Security Bypassed (fwd)"
• In reply to: Mail System Internal Data: "DON'T DELETE THIS MESSAGE -- FOLDER INTERNAL DATA"
• Next in thread: Vin McLellan: "Re: SSL sans RSA"
• Reply: Vin McLellan: "Re: SSL sans RSA"
• Reply: Alex Alten: "Re: SSL sans RSA"