Re: What ASN.1 got right

Keith Moore <moore@network-heretics.com> Thu, 04 March 2021 18:48 UTC

Return-Path: <moore@network-heretics.com>
X-Original-To: ietf@ietfa.amsl.com
Delivered-To: ietf@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id C93E23A1435 for <ietf@ietfa.amsl.com>; Thu, 4 Mar 2021 10:48:42 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.919
X-Spam-Level:
X-Spam-Status: No, score=-1.919 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, NICE_REPLY_A=-0.001, RCVD_IN_MSPIKE_H3=-0.01, RCVD_IN_MSPIKE_WL=-0.01, SPF_NONE=0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=messagingengine.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id ykO8Z9CI65Gp for <ietf@ietfa.amsl.com>; Thu, 4 Mar 2021 10:48:41 -0800 (PST)
Received: from out1-smtp.messagingengine.com (out1-smtp.messagingengine.com [66.111.4.25]) (using TLSv1.2 with cipher ADH-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 1F2103A1432 for <ietf@ietf.org>; Thu, 4 Mar 2021 10:48:41 -0800 (PST)
Received: from compute3.internal (compute3.nyi.internal [10.202.2.43]) by mailout.nyi.internal (Postfix) with ESMTP id 782A05C0054 for <ietf@ietf.org>; Thu, 4 Mar 2021 13:48:39 -0500 (EST)
Received: from mailfrontend2 ([10.202.2.163]) by compute3.internal (MEProxy); Thu, 04 Mar 2021 13:48:39 -0500
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d= messagingengine.com; h=content-transfer-encoding:content-type :date:from:in-reply-to:message-id:mime-version:references :subject:to:x-me-proxy:x-me-proxy:x-me-sender:x-me-sender :x-sasl-enc; s=fm2; bh=NQxPh6vkKMkoGKqFDFP/r9+ktBt/PFFYl24C8t6Cg Tw=; b=dS/5AKi5eJcFMx1spXgDO/X/Z1IGA+T5Z73gSLeEOSi3SjMDEtrMgaD3s eFvYXs9d8yeo0LBnEz7Ji/lW+yGXKNL0cwZEDn2D2JEP1miJhoGwGQdMkAMJduuV Xw2LE1VT+AgoJKfRtwj03tMwRWkHN8mTyE8mf6YkCJJ5tLAoS4eKAFR7Ofs1WBLu zQMKMPwqgdx7OzfRORBkpFxih07Hog/3sKuZHila1it3HeZ7tcMQY9w76W1LUkaA okfcndcaToW4KT3j6r0mZFK2gtZcewD+6cj8qrywe4HQ73pxbVUazASNer7kV+ZZ ztnBXrZMM+4/V1fiCp5V7wBxCDLdA==
X-ME-Sender: <xms:hytBYB1D0G4ZtgjOdviQnov_La6Gf6-o8m_ZUlrpeF8YhERjWXsFaA> <xme:hytBYIG9qpdgGhkUji-E_zktRfxqnQwwezrACPVR6PxmIrgK1Xnnn9mLkqD4DIkGN -tsRhZDUV8VeQ>
X-ME-Proxy-Cause: gggruggvucftvghtrhhoucdtuddrgeduledruddtgedguddtkecutefuodetggdotefrod ftvfcurfhrohhfihhlvgemucfhrghsthforghilhdpqfgfvfdpuffrtefokffrpgfnqfgh necuuegrihhlohhuthemuceftddtnecunecujfgurhepuffvfhfhkffffgggjggtgfesth ekredttdefjeenucfhrhhomhepmfgvihhthhcuofhoohhrvgcuoehmohhorhgvsehnvght fihorhhkqdhhvghrvghtihgtshdrtghomheqnecuggftrfgrthhtvghrnhephefhuedthe efgfefgffhkeehgfeugfeiudeugeejkeefleelueeiffetfeeuudeunecukfhppedutdek rddvvddurddukedtrdduheenucevlhhushhtvghrufhiiigvpedtnecurfgrrhgrmhepmh grihhlfhhrohhmpehmohhorhgvsehnvghtfihorhhkqdhhvghrvghtihgtshdrtghomh
X-ME-Proxy: <xmx:hytBYB7uQILjClEUpP7ysXA1bTURsQtZq26B1eRbGJPWI3mZ3kJShA> <xmx:hytBYO3CH5gwuCx-hQvzXp9INBpSIDgSkWLLR4eLeustsgbQh-cTlw> <xmx:hytBYEGxZsMhctGgldVy7b-8WjAZB2hH3Y0sf9coVRHJSDcaJa6cBQ> <xmx:hytBYIGPWpqtHOFvrABrlsG1d_uMAW3GzpLEd187oqGX0YQnhiwyKg>
Received: from [192.168.1.90] (108-221-180-15.lightspeed.knvltn.sbcglobal.net [108.221.180.15]) by mail.messagingengine.com (Postfix) with ESMTPA id DA77E1080059 for <ietf@ietf.org>; Thu, 4 Mar 2021 13:48:38 -0500 (EST)
Subject: Re: What ASN.1 got right
To: ietf@ietf.org
References: <20210302010731.GL30153@localhost> <0632b948-9ed1-f2bd-96da-9922ebb2aa60@mtcc.com> <YECpybvczdbKHvHx@puck.nether.net> <CAMm+LwiiySi5O1_WDc4-F9x1XfMFFvE-rEbc4uw+31DHJNEHEA@mail.gmail.com> <86b382d8-dd3c-ed0a-8dde-f0837cf10e98@mtcc.com>
From: Keith Moore <moore@network-heretics.com>
Message-ID: <21f4daa7-fe35-3d85-a7ff-b547cfe55ff7@network-heretics.com>
Date: Thu, 4 Mar 2021 13:48:38 -0500
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:78.0) Gecko/20100101 Thunderbird/78.7.1
MIME-Version: 1.0
In-Reply-To: <86b382d8-dd3c-ed0a-8dde-f0837cf10e98@mtcc.com>
Content-Type: text/plain; charset=utf-8; format=flowed
Content-Transfer-Encoding: 8bit
Content-Language: en-US
Archived-At: <https://mailarchive.ietf.org/arch/msg/ietf/XJxZa5JLUlKZcIc9Y4lARAwjbPo>
X-BeenThere: ietf@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: IETF-Discussion <ietf.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ietf>, <mailto:ietf-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ietf/>
List-Post: <mailto:ietf@ietf.org>
List-Help: <mailto:ietf-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ietf>, <mailto:ietf-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 04 Mar 2021 18:48:43 -0000

On 3/4/21 12:14 PM, Michael Thomas wrote:

> That's the thing: the only thing that X.509 is used for at any scale 
> is TLS and that is definitionally online. Everything else is niche in 
> comparison. If you need offline capability, fine, but almost nothing 
> does anymore if it's associated with the internet in any way.

I don't think that's true at all.   There are a vast number of networks 
that are mostly disconnected from the Internet (but probably do connect 
occasionally), but which still use Internet protocols and applications.

It's silly to dismiss those as if they didn't exist or weren't 
important.  They're quite often parts of critical infrastructure.

Keith