In message <1479908025.8937.74.ca...@infradead.org> on Wed, 23 Nov 2016 13:33:45 +0000, David Woodhouse <dw...@infradead.org> said:
dwmw2> On Wed, 2016-11-23 at 13:13 +0000, Salz, Rich wrote: dwmw2> > > But, what I get from you is "what if a octet stream matches two different dwmw2> > > ASN.1 types? Is that it? dwmw2> > dwmw2> > Yes among others. How do you know it will *never* happen? dwmw2> dwmw2> Because if anyone tries to invent yet *another* ASN.1 form for storing dwmw2> keys, I am going to personally visit them in the small hours and stick dwmw2> a bat up their nightshirt? (let's keep the heat down, shall we?) dwmw2> Hopefully we don't need to add completely new ones; we can use the dwmw2> existing PKCS#8 and PKCS#12 containers for new things. dwmw2> dwmw2> But even if a new form is invented which is ambiguous with existing dwmw2> forms, that's OK too. We don't support 'detection' of that new format dwmw2> by its ASN.1 structure. It'll be PEM-only like the TSS blobs are unless dwmw2> the type is explicitly specified. Errr... Now I'm confused. Wasn't that (explicit type spec) exactly what you didn't want to see, no matter if the file was PEM or raw DER? -- Richard Levitte levi...@openssl.org OpenSSL Project http://www.openssl.org/~levitte/ -- openssl-dev mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev
