Re: What ASN.1 got right

Nico Williams <> Tue, 02 March 2021 06:06 UTC

Return-Path: <>
Received: from localhost (localhost []) by (Postfix) with ESMTP id 8FBD13A2668 for <>; Mon, 1 Mar 2021 22:06:31 -0800 (PST)
X-Virus-Scanned: amavisd-new at
X-Spam-Flag: NO
X-Spam-Score: -2.1
X-Spam-Status: No, score=-2.1 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_MSPIKE_H2=-0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: (amavisd-new); dkim=pass (1024-bit key)
Received: from ([]) by localhost ( []) (amavisd-new, port 10024) with ESMTP id AGJqE9WEj61m for <>; Mon, 1 Mar 2021 22:06:29 -0800 (PST)
Received: from ( []) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by (Postfix) with ESMTPS id 055883A2667 for <>; Mon, 1 Mar 2021 22:06:28 -0800 (PST)
X-Sender-Id: dreamhost|x-authsender|
Received: from (localhost []) by (Postfix) with ESMTP id A14C9482C1C; Tue, 2 Mar 2021 06:06:27 +0000 (UTC)
Received: from (100-96-16-22.trex.outbound.svc.cluster.local []) (Authenticated sender: dreamhost) by (Postfix) with ESMTPA id 27B33482C8A; Tue, 2 Mar 2021 06:06:27 +0000 (UTC)
X-Sender-Id: dreamhost|x-authsender|
Received: from ( []) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384) by (trex/6.0.2); Tue, 02 Mar 2021 06:06:27 +0000
X-MC-Relay: Neutral
X-MailChannels-SenderId: dreamhost|x-authsender|
X-MailChannels-Auth-Id: dreamhost
X-Cure-Attack: 00ad565f7f52d6ae_1614665187465_3202021145
X-MC-Loop-Signature: 1614665187465:2279949173
X-MC-Ingress-Time: 1614665187464
Received: from (localhost []) by (Postfix) with ESMTP id D54C88727D; Mon, 1 Mar 2021 22:06:26 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha1; c=relaxed;; h=date :from:to:cc:subject:message-id:references:mime-version :content-type:in-reply-to;; bh=x7MAFNug4PA6LQ OGcfhg4ZVNiZs=; b=YNMEP17PgX29oepCLRfiSA1Tq4sCfQw5mNdyJ6fv7rM+hg k03NDag9aHraG+tVcNMl6nuypD44lJeLQxJjgyA+DkCdtS9lJTDsGspHJxZd00nu e+u3pWKapUC+BHnrHvvbSmKowOeeSnMwHweOSebpJvjiV1NBcIxwh+NBYNsnQ=
Received: from localhost (unknown []) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) (Authenticated sender: by (Postfix) with ESMTPSA id B7F007EF9C; Mon, 1 Mar 2021 22:06:25 -0800 (PST)
Date: Tue, 2 Mar 2021 00:06:23 -0600
X-DH-BACKEND: pdx1-sub0-mail-a86
From: Nico Williams <>
To: Phillip Hallam-Baker <>
Cc: Michael Thomas <>, IETF Discussion Mailing List <>
Subject: Re: What ASN.1 got right
Message-ID: <20210302060622.GR30153@localhost>
References: <20210302010731.GL30153@localhost> <> <>
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <>
User-Agent: Mutt/1.9.4 (2018-02-28)
Archived-At: <>
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: IETF-Discussion <>
List-Unsubscribe: <>, <>
List-Archive: <>
List-Post: <>
List-Help: <>
List-Subscribe: <>, <>
X-List-Received-Date: Tue, 02 Mar 2021 06:06:32 -0000

On Tue, Mar 02, 2021 at 12:28:03AM -0500, Phillip Hallam-Baker wrote:
> Thing about the WebPKI is that everyone seems to hate it just as much today
> as when we originally proposed it 25 years ago. All the things people keep
> saying were better were on the table then as well. We could have a
> discussion about why DNSSEC is no better but that won't get us anywhere.

We hate WebPKI because it isn't really a PKI and because x.509 meant
x.500 naming and because it's ugly and old and creaky.

OTOH, PKIX at least has evolved almost enough over the years.  We now
have better naming, and we understand that short-lived credentials are
the only way to do revocation (Kerberos knew that long ago).

I like OpenSSH's simpler certificates, but in some ways they're too
simple.  I really do want a hint as to the "type" of a "principal" name
because the corporate world I inhabit has multiple types of principal
names.  Etc.

> None of the systems on the table in 1995 is going to work and if you want
> to understand why go get a machine that SHIPPED with Windows 95, boot it
> and see what we had to work with.
> PKIX and the WebPKI were built for 30MHz machines with 32 bit processors
> and 4MB of memory.

I don't follow.  Given all the CPU, RAM, and storage available now, what
would you do differently?  Mesh, yes, I know, but, remind me how Mesh
uses all that extra HW that PKIX leaves on the table?

> If you want a decent PKI for user authentication you need to be willing to
> do Internet2 for PKI and do some blue sky research.

No please.  That's how we got X.500 naming to begin with.  Subject Alt
Names exist because X.500 failed.

SMTP and RFCx822-style email address naming killed X.400 because X.400
inherently meant an awful UX.  X.500 naming needs to die.

> There aren't many folk doing that at the moment as BitPonzi has sucked all
> the air out of the room.

Sadly this is too true.

> Its not ASN.1 that is the problem. Its actually Public Key crypto isn't
> enough, you need threshold. But we are getting rid of the ASN.1 as well for
> two reasons. First, nobody is going to use our stuff if we force them to do
> ASN.1. Second, nobody is paying me to do my stuff right now but once I have
> it working in JSON/JSON-B, I can probably find some ASN.1 aficionados to
> give me a consulting gig to write an ASN.1 version.

Eh, to be sure I don't anyone to have to use ASN.1.  And I agree any
replacement for PKIX should use JSON, like JWT does.  As I said, the
biggest problem with ASN.1 is the dearth of open source tooling, and
that is caused by bad pricing decisions made in 1984 [by people doing
blue sky research].

Though sometimes I think simpler is bad because it makes it too easy to
end up with ton of half-baked simple implementations and can lead to an
interoperability nightmare.

[And again, you can do JSON with ASN.1, but whatever.]