On 12/14/05, Peter Gutmann <[EMAIL PROTECTED]> wrote: > I don't know if there's any site tracking this, but (as the tutorial says) you > can either go with PKCS #1 (the de facto standard, easy to implement and > widely used) ...
Actually, I'm embarassed to admit this but I've seen PKCS before but never with enough context to know what it was; I thought it was some kind of RSA proprietary mumbo-jumbo. But, oh dear, it involves ASN.1. That rules out use by the layperson. I've run into ASN.1 before with regard to SNMP, and it struck me as infinitely more complex than anything I'd ever need to query packet counts on my router. MIBs, subtype constraints, multiple sets of encoding rules, schemata? Hopeless. The descriptions of ASN.1 I've seen are more complicated than any cryptographic primitive I've ever run across. I'd trust an ASN.1 codec library about as much as I'd trust a DCE/RPC codec, give or take an order of magnitude. I'm not trying to be excessively curmudgeonly today, but I have to note that the top google hit for ASN.1 has a "list of myths about ASN.1", of which the last two are true, a tutorial that begins with me writing an ASN.1 specification with no guidance or introduction whatsoever, and defines ASN.1 as "a formalism for the specification of abstract data types". Oh, well that clears it up. Does it help me adopt new paradigms of data representation in a dynamic, fast-paced environment? And with that, I'm out. :-P -- http://www.lightconsulting.com/~travis/ -><- P=NP if (P=0 or N=1) "My love for mathematics is like 1/x as x approaches 0." GPG fingerprint: 50A1 15C5 A9DE 23B9 ED98 C93E 38E9 204A 94C2 641B --------------------------------------------------------------------- The Cryptography Mailing List Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]