Re: What ASN.1 got right

Christian Huitema <huitema@huitema.net> Wed, 03 March 2021 00:20 UTC

Return-Path: <huitema@huitema.net>
X-Original-To: ietf@ietfa.amsl.com
Delivered-To: ietf@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 3EBED3A14F3 for <ietf@ietfa.amsl.com>; Tue, 2 Mar 2021 16:20:10 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -0.89
X-Spam-Level:
X-Spam-Status: No, score=-0.89 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, BIGNUM_EMAILS=1, NICE_REPLY_A=-0.001, SPF_HELO_NONE=0.001, T_SPF_PERMERROR=0.01] autolearn=no autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id PPGxkse8qe-Z for <ietf@ietfa.amsl.com>; Tue, 2 Mar 2021 16:20:09 -0800 (PST)
Received: from mx43-out1.antispamcloud.com (mx43-out1.antispamcloud.com [138.201.61.189]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id E5D133A14F4 for <ietf@ietf.org>; Tue, 2 Mar 2021 16:20:08 -0800 (PST)
Received: from xse67.mail2web.com ([66.113.196.67] helo=xse.mail2web.com) by mx134.antispamcloud.com with esmtp (Exim 4.92) (envelope-from <huitema@huitema.net>) id 1lHFFB-000kwC-2J for ietf@ietf.org; Wed, 03 Mar 2021 01:20:02 +0100
Received: from xsmtp22.mail2web.com (unknown [10.100.68.61]) by xse.mail2web.com (Postfix) with ESMTPS id 4DqvlL4JF0zkYM for <ietf@ietf.org>; Tue, 2 Mar 2021 16:19:58 -0800 (PST)
Received: from [10.5.2.17] (helo=xmail07.myhosting.com) by xsmtp22.mail2web.com with esmtps (TLS1.0:DHE_RSA_AES_256_CBC_SHA1:256) (Exim 4.92) (envelope-from <huitema@huitema.net>) id 1lHFF8-0006Ff-ES for ietf@ietf.org; Tue, 02 Mar 2021 16:19:58 -0800
Received: (qmail 18706 invoked from network); 3 Mar 2021 00:19:57 -0000
Received: from unknown (HELO [192.168.1.106]) (Authenticated-user:_huitema@huitema.net@[172.58.43.95]) (envelope-sender <huitema@huitema.net>) by xmail07.myhosting.com (qmail-ldap-1.03) with ESMTPA for <ietf@ietf.org>; 3 Mar 2021 00:19:57 -0000
Subject: Re: What ASN.1 got right
To: ietf@ietf.org
References: <0632b948-9ed1-f2bd-96da-9922ebb2aa60@mtcc.com> <006750D4-B70D-44F8-A01A-BD3AB136D9D3@webweaving.org> <a584ff73-34ae-1c9e-e746-ce98749461d7@mtcc.com> <20210302183901.GV30153@localhost> <CAMm+Lwj8QwuqaA3f625Ui8arc0TxY3uLXbG-PKToWGdtq8az6w@mail.gmail.com> <613072c6-5518-91e3-41b9-3b7590ee2346@mtcc.com> <CAMm+LwiEqL3bMg09e5NBNZwkPJ90DmQgLTy=SQNEN0q=vp=wrQ@mail.gmail.com> <ed6830b3-e650-d3fa-b253-9f53e01f9615@mtcc.com> <CAMm+LwifpPg-Sg9cXLpWvjmExt8KfuYq6oRZd4D1L0ZBR3nRFg@mail.gmail.com> <1631e20d-9d8a-b8c2-9d5e-6c7f4defa72d@mtcc.com> <20210302234928.GX30153@localhost> <CAKr6gn13eKWvS0meCs9MM-kCRsCD35CtH6_bsP5WeNbEnR7ing@mail.gmail.com>
From: Christian Huitema <huitema@huitema.net>
Message-ID: <fb9c261e-9ac0-aa4b-8817-d89b1142f1fc@huitema.net>
Date: Tue, 2 Mar 2021 16:19:57 -0800
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:78.0) Gecko/20100101 Thunderbird/78.7.1
MIME-Version: 1.0
In-Reply-To: <CAKr6gn13eKWvS0meCs9MM-kCRsCD35CtH6_bsP5WeNbEnR7ing@mail.gmail.com>
Content-Type: text/plain; charset=utf-8; format=flowed
Content-Transfer-Encoding: 7bit
Content-Language: en-US
X-Originating-IP: 66.113.196.67
X-Spampanel-Domain: xsmtpout.mail2web.com
X-Spampanel-Username: 66.113.196.0/24
Authentication-Results: antispamcloud.com; auth=pass smtp.auth=66.113.196.0/24@xsmtpout.mail2web.com
X-Spampanel-Outgoing-Class: unsure
X-Spampanel-Outgoing-Evidence: Combined (0.15)
X-Recommended-Action: accept
X-Filter-ID: Pt3MvcO5N4iKaDQ5O6lkdGlMVN6RH8bjRMzItlySaT9WLQux0N3HQm8ltz8rnu+BPUtbdvnXkggZ 3YnVId/Y5jcf0yeVQAvfjHznO7+bT5x9j7219Tb9QoiGKb6esGsuKj/EwzSHE5FGYwwjsNRPCD3U 6SO176WxxbanDSFOLRHmD6wdmZPcItWbGe10hXJtXL4FsauCVkDjmcYJdU3yWp7KuHNaaKdg7iBE ZefdsNUFWKwa/wzJUjmazeC7ImcaEppUcKIVyozRQp/ehm5BZRQ6V51u76v35b1wNe/MvdIN+Yj9 JT+HIE3AciYbXmyy2+J9PgaoF8SQHto3le4zsHTaeQtlKubP6iUTjj6yPARK6buALVaA782LKxg6 vRmng8N1aLhXqdc+jC1RcnVud53D5caUhbVtvqItBqoizkEt9O20UjkwI0v+LOlw05G4BS+iyyNq bT8dUMXMJ4tUCMj6G37ZfAMLceP5aNHPt26RBupu5v1nytoNnc138GfEJRQ2qC7jjynPIHPNqSn4 QTXUjLjYWQt1/5xnQymMoPsgr/U0flMcy2Vi/IcBgY4arPaiJ1W6hAyiRC61jekdwIcXNugoOEbH RyFULpSjm7jZ1h/HfDRQ5Ig8VhPsPE8NDxdyIeJZUl7T+dBx2dACjyaKs+bE6e5LQ8QzY95QC7Ef 4SODci3Eh5jKcY3xGoNxDRojSVizNl0ce/s7u0P9b9Tml6eOMCV9kYYwkPx6ZsXvIUzTXkDAiiJi mGhLUFuSW8D9t0kz0vlag+LRt89q4I2s7y9GmQpXga0k49W+HaayuLfHqAnAj7rgKH7+eCmmmWqa rMvolfEw307uDnGUz1ShcA6Xvva2QAVEjpqzANap+28aWyCRVT7YkY7LckVc1ugW97tyO3sS8gyf dhJD3r13qFZSq8Fx+9otn0aqja8VKPqpdskk5LxBR/9t1zMMkdu6/R2FM84kxYRFSvC1IDg1BRW7 hzp8w3iHcOwbVtsmWfnQGGis4EvbR3jXsI0ESXwhBU2hwt/J18C+HygJl/jEzm1SsR8v3aJbN/NZ fa8pHhHaz+HPa0HAgEx4sWDF
X-Report-Abuse-To: spam@quarantine11.antispamcloud.com
Archived-At: <https://mailarchive.ietf.org/arch/msg/ietf/A40MtqA7dAqx6mUqqBq8cA58ezE>
X-BeenThere: ietf@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: IETF-Discussion <ietf.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ietf>, <mailto:ietf-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ietf/>
List-Post: <mailto:ietf@ietf.org>
List-Help: <mailto:ietf-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ietf>, <mailto:ietf-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 03 Mar 2021 00:20:10 -0000

On 3/2/2021 4:00 PM, George Michaelson wrote:

> X.500 is complicated because names are complicated.

Well, no. George, I worked on X.500 at the same time you did, and my 
conclusions are different. X.500 names main source of gratuitous 
complexity what that they embedded an arbitrary hierarchy. If I remember 
correctly, the name hierarchy in X.500 embedded things like country 
name, telecom company name, city, street, company (aka, organization), 
department (a.k.a., organization unit), maybe several levels of those, 
and then common name. Some attributes did not identify the person at 
all, but where there to route the query to relevant database. Many of 
these attributes are useful when searching for "Jane in Marketing", but 
the fact is that pretty much each of those attributes have different 
possible values like short or long versions, and that they are probably 
not all required to identify the person. In order to manage the system, 
users were expected to pick a specific subset of "distinguished" 
attributes, which would have enough routing information in them to find 
the relevant database and then uniquely identify an entry in that 
database -- that's why the X.500 names in certificates are called 
"distinguished names". Suffice to say that people found it way easier to 
refer to "jane@marketing.example.com".com".

-- Christian Huitema