On Sep 26, 2013, at 7:54 PM, Phillip Hallam-Baker wrote:
> ...[W]ho on earth thought DER encoding was necessary or anything other than
> incredible stupidity?...
It's standard. :-)
We've been through two rounds of standard data interchange representations:
1. Network connections are slow, memory is limited and expensive, we can't
afford any extra overhead. Hence DER.
2. Network connections are fast, memory is cheap, we don't have to worry about
them - toss in every last feature anyone could possibly want. Hence XML.
Starting from opposite extremes, committees of standards experts managed to
produce results that are too complex and too difficult for anyone to get right
- and which in cryptographic contexts manage to share the same problem of
multiple representations that make signing such a joy.
BTW, the *idea* behind DER isn't inherently bad - but the way it ended up is
another story. For a comparison, look at the encodings Knuth came up with in
the TeX world. Both dvi and pk files are extremely compact binary
representations - but correct encoders and decoders for them are plentiful.
(And it's not as if the Internet world hasn't come up with complex, difficult
encodings when the need arose - see IDNA.)
-- Jerry
_______________________________________________
The cryptography mailing list
cryptography@metzdowd.com
http://www.metzdowd.com/mailman/listinfo/cryptography
