RE: X.509 Extensions Enhancements

"Carlin Covey" <ccovey@cylink.com> Thu, 28 June 2001 01:52 UTC

Received: from above.proper.com (above.proper.com [208.184.76.39]) by ietf.org (8.9.1a/8.9.1a) with SMTP id VAA18353 for <pkix-archive@odin.ietf.org>; Wed, 27 Jun 2001 21:52:45 -0400 (EDT)
Received: from localhost (localhost [[UNIX: localhost]]) by above.proper.com (8.11.3/8.11.3) id f5S0vCQ04380 for ietf-pkix-bks; Wed, 27 Jun 2001 17:57:12 -0700 (PDT)
Received: from exchange.cylink.com (exchange.cylink.com [192.43.161.25]) by above.proper.com (8.11.3/8.11.3) with ESMTP id f5S0vBm04376 for <ietf-pkix@imc.org>; Wed, 27 Jun 2001 17:57:11 -0700 (PDT)
Received: from COVEY (cpe-24-221-22-222.az.sprintbbd.net [24.221.22.222]) by exchange.cylink.com with SMTP (Microsoft Exchange Internet Mail Service Version 5.5.2653.13) id M4HJBT90; Wed, 27 Jun 2001 17:55:57 -0700
From: Carlin Covey <ccovey@cylink.com>
To: Bodo Moeller <moeller@cdc.informatik.tu-darmstadt.de>
Cc: ietf-pkix@imc.org
Subject: RE: X.509 Extensions Enhancements
Date: Wed, 27 Jun 2001 17:57:58 -0700
Message-ID: <KHEDLMGGCCGHDAAKNAFOAEOFCAAA.ccovey@cylink.com>
MIME-Version: 1.0
Content-Type: text/plain; charset="iso-8859-1"
X-Priority: 3 (Normal)
X-MSMail-Priority: Normal
X-Mailer: Microsoft Outlook IMO, Build 9.0.2416 (9.0.2911.0)
Importance: Normal
X-MimeOLE: Produced By Microsoft MimeOLE V5.50.4133.2400
In-Reply-To: <20010613100813.B12609@cdc.informatik.tu-darmstadt.de>
Sender: owner-ietf-pkix@mail.imc.org
Precedence: bulk
List-Archive: <http://www.imc.org/ietf-pkix/mail-archive/>
List-ID: <ietf-pkix.imc.org>
List-Unsubscribe: <mailto:ietf-pkix-request@imc.org?body=unsubscribe>
List-ID: <ietf-pkix.imc.org>
X-MIME-Autoconverted: from 8bit to quoted-printable by above.proper.com id f5S0vCQ04380
Content-Transfer-Encoding: 8bit
X-MIME-Autoconverted: from quoted-printable to 8bit by ietf.org id VAA18353

Bodo,

Sorry to be so late in responding, but I've been on vacation.

My rationale for my trailing zeros interpretation is this:

(1) X.680 and X.690 are ambiguously worded.
(2) The deletion of trailing 0 bits is associated with "unused bits."
(3) The "delete all trailing zeros" interpretation inhibits extensibility.

Re (1):  Here's why X.680 is ambiguously worded:

X.680 could have said "... encoding rules are free to concatenate arbitrarily
     many trailing 0 bits to the NamedBitList, and are free to truncate any
     trailing zeros following the NamedBitList"

or X.680 could have said "... encoding rules are free to concatenate arbitrarily
     many trailing 0 bits to the NamedBitList, and are free to truncate any
     trailing zeros within or following the NamedBitList"

Instead X.680 says "... encoding rules are free to add (or remove) arbitrarily
     many trailing 0 bits to (or from) values that are being encoded or
     decoded."

The current wording is briefer, but allows for either interpretation (since the
"values that are being encoded" is a bit string that may contain 0 bits at the
trailing end).


X.690 is similarly ambiguous:

It says "the bitstring shall have all trailing 0 bits removed before it is
encoded." but doesn't specify whether the trailing 0 bits to be removed
include those within the bitstring, or only those that follow the bitstring
(i.e. the 0 bits that X.680 said could be added arbitrarily).

Re (2):  Note that the "delete all trailing 0's" interpretation doesn't explain
why X.690 section 11.2.2 should be included within section 11.2, which is
entitled "Unused Bits."  My interpretation does explain this.  Deleting
trailing 0 bits applies only to the "unused bits" that follow the NamedBitList.


Re (3): I won't repeat the extensibility argument that appeared in my email
of June 12.


Regards,

Carlin

____________________________

-  Carlin Covey
   Cylink Corporation

-----Original Message-----
From: Bodo Moeller [mailto:moeller@cdc.informatik.tu-darmstadt.de]
Sent: Wednesday, June 13, 2001 1:08 AM
To: Carlin Covey
Cc: Housley, Russ; ietf-pkix@imc.org
Subject: Re: X.509 Extensions Enhancements


On Tue, Jun 12, 2001 at 10:43:50AM -0700, Carlin Covey wrote:

> Some people interpret X.680/690 as requiring that the DER encoding
> omit trailing zeros from such a named bit string.  I (with some
> concurrence from the X.509 folks) believe that this is an error.
> X.680/690 say that trailing UNUSED bits are to be omitted.  Bits (7)
> and (8) WERE unused, and certificates issued in ignorance of the newly
> defined bits should omit them.  But certificates issued in cognizance
> of the newly defined bits should include these bits as either 1 or 0,
> as appropriate.

I have no idea how one could read this out of X.680 and X.690.

X.680 (12/97), section 21.7, says

     When a "NamedBitList" is used in defining a bitstring type ASN.1
     encoding rules are free to add (or remove) arbitrarily many
     trailing 0 bits to (or from) values that are being encoded or
     decoded.  Application designers should therefore ensure that
     different semantics are not associated with such values which
     differ only in the number of trailing 0 bits.

X.690 (12/97), section 11.2.2, says

     Where ITU-T Rec. X.680 | ISO/IEC 8824-1, 21.7, applies, the
     bitstring shall have all trailing 0 bits removed before it is
     encoded.

(Section 11 is entitled "Restrictions on BER employed by both CER
and DER", section 11.2 is entitled "Unused bits".)

This looks pretty clear to me: Trailing zeros in named bit strings
are forbidden in DER, period.


--
Bodo Möller <moeller@cdc.informatik.tu-darmstadt.de>
PGP
http://www.informatik.tu-darmstadt.de/TI/Mitarbeiter/moeller/0x36d2c658.html
* TU Darmstadt, Theoretische Informatik, Alexanderstr. 10, D-64283 Darmstadt
* Tel. +49-6151-16-6628, Fax +49-6151-16-6036
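The two readings of X.690 11.2.2 debated above, worked through in code. This is an added example, not code from either correspondent; it assumes the X.509 KeyUsage bit names (bit 0 = digitalSignature through bit 8 = decipherOnly, with bits 7 and 8 being the "newly defined" ones the thread refers to) as a concrete NamedBitList, and a list length of 9 for the "keep the bits within the named list" interpretation. The encoder produces both forms, the decoder applies X.680 21.7 so that both forms yield the same set of named bits, and a separate check reports whether an encoding is canonical under the strict "no trailing 0 bits at all" reading, which is the check a DER-strict verifier would apply.

```python
"""DER BIT STRING with a NamedBitList: the two trailing-zero interpretations.

Added illustration (not from the mailing-list thread). Assumes the X.509
KeyUsage bit names as the NamedBitList and a 9-bit named-list length.
"""

# Assumed NamedBitList: X.509 KeyUsage bit positions (bit 0 is the MSB of
# the first content octet).
KEY_USAGE_BITS = {
    "digitalSignature": 0, "nonRepudiation": 1, "keyEncipherment": 2,
    "dataEncipherment": 3, "keyAgreement": 4, "keyCertSign": 5,
    "cRLSign": 6, "encipherOnly": 7, "decipherOnly": 8,
}
NAMED_LIST_LENGTH = 9  # number of bits defined in the list (assumption)


def bits_to_bytes(bits):
    """Pack a list of 0/1 ints MSB-first; return (content_octets, unused)."""
    if not bits:
        return b"", 0
    unused = (-len(bits)) % 8          # pad to a whole octet with 0 bits
    padded = bits + [0] * unused
    out = bytearray()
    for i in range(0, len(padded), 8):
        byte = 0
        for b in padded[i:i + 8]:
            byte = (byte << 1) | b
        out.append(byte)
    return bytes(out), unused


def encode_bit_string(bits):
    """DER-encode a BIT STRING (tag 0x03); short-form length is enough here."""
    content, unused = bits_to_bytes(bits)
    body = bytes([unused]) + content  # first content octet = unused-bit count
    return bytes([0x03, len(body)]) + body


def bits_from_names(names, strict_der=True):
    """Bit list for a set of named bits.

    strict_der=True : X.690 11.2.2 read literally, strip ALL trailing 0 bits.
    strict_der=False: keep every bit of the NamedBitList, strip only the
                      unused bits that follow it (the other interpretation).
    """
    highest = max((KEY_USAGE_BITS[n] for n in names), default=-1)
    width = highest + 1 if strict_der else NAMED_LIST_LENGTH
    bits = [0] * width
    for n in names:
        bits[KEY_USAGE_BITS[n]] = 1
    if strict_der:
        while bits and bits[-1] == 0:
            bits.pop()
    return bits


def decode_bit_string(der):
    """Parse a DER BIT STRING into a list of bits, validating the structure."""
    if len(der) < 3 or der[0] != 0x03:
        raise ValueError("not a BIT STRING")
    length = der[1]
    if length >= 0x80 or len(der) != 2 + length:
        raise ValueError("unsupported or inconsistent length")
    unused, content = der[2], der[3:]
    if unused > 7 or (unused and not content):
        raise ValueError("bad unused-bits octet")
    if content and unused and content[-1] & ((1 << unused) - 1):
        raise ValueError("padding bits must be zero")
    bits = []
    for byte in content:
        bits.extend((byte >> (7 - i)) & 1 for i in range(8))
    return bits[:len(bits) - unused] if unused else bits


def names_from_bits(bits):
    """Interpret per X.680 21.7: a bit beyond the encoded length is simply 0,
    so encodings differing only in trailing zeros carry the same meaning."""
    return {n for n, i in KEY_USAGE_BITS.items() if i < len(bits) and bits[i]}


def is_canonical_der(der):
    """True if the BIT STRING has no trailing 0 bits (strict 11.2.2 reading)."""
    bits = decode_bit_string(der)
    return not bits or bits[-1] == 1


if __name__ == "__main__":
    usage = {"digitalSignature", "keyEncipherment"}
    strict = encode_bit_string(bits_from_names(usage, strict_der=True))
    loose = encode_bit_string(bits_from_names(usage, strict_der=False))
    print(strict.hex(), is_canonical_der(strict))   # 030205a0 True
    print(loose.hex(), is_canonical_der(loose))     # 030307a000 False
    print(names_from_bits(decode_bit_string(strict)) ==
          names_from_bits(decode_bit_string(loose)))  # True
```

The decoder deliberately accepts both forms and compares them by meaning; only `is_canonical_der` distinguishes them. That split matches the practical situation the thread describes: a relying party must not attach different semantics to the two encodings, while a strictly DER-conformant producer (under Bodo's reading) emits only the shorter one.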