Re: [Dance] Encoding of the certificate

Shreyas Zare <shreyas@technitium.com> Wed, 08 February 2023 09:59 UTC

Hi,

On 2/8/2023 1:55 PM, Stange, Wolf wrote:
>
> Hello,
>
> I've just discovered DANCE and am really excited about it, because I 
> really like and use DANE already.
>
> However, I've a question:
>
> DANE is using Base16 (hex) for storing the certificate/subpubkey data 
> in the TLSA record - Have there been any thoughts about using base64 
> as the encoding for the data, or even more compact encodings?
>
> You would always need two bytes to represent a byte in base16 (= 
> doubling it), whereas base64 maps every 3 bytes of data to 4 
> characters/bytes. For example, encoding 32 bytes: b16 => 64 bytes; b64 
> => 44 bytes.
>
> I see that it could make hash comparisons more difficult in some 
> cases (when using a hash matching type (1, 2) and the representation 
> IS already in hex). But for the matching type 0 (full), it COULD still 
> bring an advantage when storing large information in the record, 
> especially in the case of selector 0 (full cert).
>
> Best
>
> Wolf :-)
>
>
The Certificate Association Data in the TLSA record is in binary when it's 
serialized to wire format and only represented in hex form in its text 
presentation format in zone files.

Regards,
*Shreyas Zare*
Technitium <https://technitium.com/>
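As an added illustration of the distinction drawn in the reply above (example code, not from the thread or from Technitium): a small Python model of TLSA RDATA in wire form versus zone-file presentation form, together with the raw/base16/base64 size comparison from the question. The sample SubjectPublicKeyInfo bytes and the record parameters (DANE-EE, SPKI, SHA2-256) are constructed for the example.

```python
import base64
import hashlib
import struct

# Constructed stand-in for a DER-encoded SubjectPublicKeyInfo (40 bytes).
# Any bytes would do here; the point is the encoding, not the key material.
SAMPLE_SPKI = bytes(range(0x30, 0x30 + 40))


def tlsa_wire(usage: int, selector: int, matching_type: int, data: bytes) -> bytes:
    """Serialize TLSA RDATA as it travels in DNS: three fixed octets, then raw bytes.

    There is no text encoding at all on the wire, so the Certificate Association
    Data costs exactly len(data) octets regardless of presentation format.
    """
    return struct.pack("!BBB", usage, selector, matching_type) + data


def tlsa_presentation(rdata: bytes) -> str:
    """Render wire-form RDATA in zone-file form: decimal fields plus hex data."""
    usage, selector, matching_type = struct.unpack("!BBB", rdata[:3])
    return f"{usage} {selector} {matching_type} {rdata[3:].hex().upper()}"


def tlsa_parse(text: str) -> bytes:
    """Parse presentation form back to wire form (hex may contain whitespace)."""
    fields = text.split()
    usage, selector, matching_type = (int(f) for f in fields[:3])
    return tlsa_wire(usage, selector, matching_type, bytes.fromhex("".join(fields[3:])))


def encoding_sizes(data: bytes) -> dict:
    """Sizes the question compares: raw octets on the wire, base16 text, base64 text."""
    return {
        "wire": len(data),
        "base16": len(data.hex()),
        "base64": len(base64.b64encode(data)),
    }


def sample_record() -> bytes:
    """Constructed DANE-EE(3) SPKI(1) SHA2-256(1) record over SAMPLE_SPKI."""
    return tlsa_wire(3, 1, 1, hashlib.sha256(SAMPLE_SPKI).digest())


if __name__ == "__main__":
    record = sample_record()
    print(tlsa_presentation(record))            # 3 1 1 <64 hex chars>
    print(encoding_sizes(record[3:]))           # wire 32, base16 64, base64 44
    print(encoding_sizes(SAMPLE_SPKI))          # matching type 0 case: 40 / 80 / 56
```

The hex doubling only ever appears in the zone-file text; the 35-octet wire form is what the resolver actually carries, which is the point of the reply.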