Re: [Trans] RFC6962 BIS Log file encodings.
Erwann Abalea <eabalea@gmail.com> Sat, 29 March 2014 23:21 UTC
Return-Path: <eabalea@gmail.com>
X-Original-To: trans@ietfa.amsl.com
Delivered-To: trans@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id CD59F1A07FF for <trans@ietfa.amsl.com>; Sat, 29 Mar 2014 16:21:22 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.999
X-Spam-Level:
X-Spam-Status: No, score=-1.999 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, SPF_PASS=-0.001] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id gqPSvPTvN_GB for <trans@ietfa.amsl.com>; Sat, 29 Mar 2014 16:21:21 -0700 (PDT)
Received: from mail-ve0-x234.google.com (mail-ve0-x234.google.com [IPv6:2607:f8b0:400c:c01::234]) by ietfa.amsl.com (Postfix) with ESMTP id DBA921A06B9 for <trans@ietf.org>; Sat, 29 Mar 2014 16:21:20 -0700 (PDT)
Received: by mail-ve0-f180.google.com with SMTP id jz11so6896472veb.25 for <trans@ietf.org>; Sat, 29 Mar 2014 16:21:18 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :cc:content-type; bh=LGHSG0vaZvvHL3yZQFcZtWwy2xYM31phyFCb3O5M4hk=; b=jXmf6EN+ZlHn5q1wq4PD7RjTyOe9UaHO6Gf0W9uYohIW2UFb8l/gPebpOuawxYeOxB RFPw8WGo2N+m4CrVuW6eN9+vRGrSk9gdx1scSckznr6i2H7YAGU8ykQaDKJRYyIeeUXQ l6U/NikXFspu/fdl46fphEDzMmVHFtOPkQgBia/YluC5CwOrxSvjfl7BJNE0zHCvxljz r5myIfx5O8+Ku3oAHobjV1hK++Hn0IveuLe3sOaA0ZHkkhyBCioYuvMSdhUxbnAp7JJp Bla03qe+JvXdbUYDGuwD8wdMTeEfwwMFi6Kb/TZgLEtzTbR5B8ippaE+uWXJAsCzuAqR kK+A==
MIME-Version: 1.0
X-Received: by 10.221.29.137 with SMTP id ry9mr14877936vcb.6.1396135278101; Sat, 29 Mar 2014 16:21:18 -0700 (PDT)
Received: by 10.52.142.103 with HTTP; Sat, 29 Mar 2014 16:21:18 -0700 (PDT)
In-Reply-To: <r422Ps-1075i-50EDDACBA0064390A2CED9708B9D3E07@Williams-MacBook-Pro.local>
References: <CA+i=0E7FecAG_Dq2VAtyqrrsiHzkt9jgPfAL_BJ9mm4-G58n2w@mail.gmail.com> <r422Ps-1075i-50EDDACBA0064390A2CED9708B9D3E07@Williams-MacBook-Pro.local>
Date: Sun, 30 Mar 2014 00:21:18 +0100
Message-ID: <CA+i=0E4byZ8DPgarYxSvKAeq6_nhDyNO5_59_Tw4h6B4Zf1ymw@mail.gmail.com>
From: Erwann Abalea <eabalea@gmail.com>
To: Bill Frantz <frantz@pwpconsult.com>
Content-Type: multipart/alternative; boundary="001a1133935c4f766404f5c71351"
Archived-At: http://mailarchive.ietf.org/arch/msg/trans/Sk4VP5aRlYmzg7y37BxxzALRZ08
Cc: "trans@ietf.org" <trans@ietf.org>, Rob Stradling <rob.stradling@comodo.com>, Phillip Hallam-Baker <hallam@gmail.com>, Rick Andrews <Rick_Andrews@symantec.com>, Eran Messeri <eranm@google.com>
Subject: Re: [Trans] RFC6962 BIS Log file encodings.
X-BeenThere: trans@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: Public Notary Transparency working group discussion list <trans.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/trans>, <mailto:trans-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/trans/>
List-Post: <mailto:trans@ietf.org>
List-Help: <mailto:trans-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/trans>, <mailto:trans-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sat, 29 Mar 2014 23:21:23 -0000
2014-03-29 23:49 GMT+01:00 Bill Frantz <frantz@pwpconsult.com>: > On 3/28/14 at 11:47 AM, eabalea@gmail.com (Erwann Abalea) wrote: > > I don't see the problem with ASN.1. >> > > IMHO, the problem with ASN.1 is that it is too complex. There exists a > history of attacks on computer security by sending malformed ASN.1 > irritating bugs in ASN.1 encoders. In addition, the ability to specify > "infinite" length data has caused buffer overruns. > ASN.1 isn't a stream of bytes. It's only a language used to describe a structure, and it needs some encoding rule to serialize data transmitted on the wire. Use another encoding rule, and you'll have a different bit/byte representation. The mentioned bugs (infinite length) are to be found on some BER/DER encoders, and similar ones can be found on XML parsers, MS Word files loaders, and many others. If a certificate is encoded using XER and an XML parser is hit by a bug, can the fault be attributed to ASN.1, the language used to describe a certificate? If the same format is described with another language while keeping the same binary representation, will it make the bug disappear? Data structures defined in RFC6962 can be described in ASN.1 as well, and encoded using PER (that's not common), and it will be binary compatible with what is proposed. Will it introduce new bugs because of ASN.1? -- Erwann.
- [Trans] RFC6962 BIS Log file encodings. Phillip Hallam-Baker
- Re: [Trans] RFC6962 BIS Log file encodings. Rob Stradling
- Re: [Trans] RFC6962 BIS Log file encodings. Phillip Hallam-Baker
- Re: [Trans] RFC6962 BIS Log file encodings. Eran Messeri
- Re: [Trans] RFC6962 BIS Log file encodings. Rick Andrews
- Re: [Trans] RFC6962 BIS Log file encodings. David A. Cooper
- Re: [Trans] RFC6962 BIS Log file encodings. Rick Andrews
- Re: [Trans] RFC6962 BIS Log file encodings. Phillip Hallam-Baker
- Re: [Trans] RFC6962 BIS Log file encodings. Rick Andrews
- Re: [Trans] RFC6962 BIS Log file encodings. Salz, Rich
- Re: [Trans] RFC6962 BIS Log file encodings. Erwann Abalea
- Re: [Trans] RFC6962 BIS Log file encodings. Bill Frantz
- Re: [Trans] RFC6962 BIS Log file encodings. Erwann Abalea
- Re: [Trans] RFC6962 BIS Log file encodings. Bill Frantz
- Re: [Trans] RFC6962 BIS Log file encodings. Rob Stradling
- Re: [Trans] RFC6962 BIS Log file encodings. Rob Stradling
- Re: [Trans] RFC6962 BIS Log file encodings. Stephen Kent
- Re: [Trans] RFC6962 BIS Log file encodings. Stephen Kent
- Re: [Trans] RFC6962 BIS Log file encodings. Salz, Rich
- Re: [Trans] RFC6962 BIS Log file encodings. Ben Laurie
- Re: [Trans] RFC6962 BIS Log file encodings. Ben Laurie
- Re: [Trans] RFC6962 BIS Log file encodings. Ben Laurie
- Re: [Trans] RFC6962 BIS Log file encodings. Stephen Kent
- Re: [Trans] RFC6962 BIS Log file encodings. Bill Frantz
- Re: [Trans] RFC6962 BIS Log file encodings. Gervase Markham
- Re: [Trans] RFC6962 BIS Log file encodings. Gervase Markham
- Re: [Trans] RFC6962 BIS Log file encodings. Ben Laurie
- Re: [Trans] RFC6962 BIS Log file encodings. Eran Messeri