Re: [Trans] RFC6962 BIS Log file encodings.
Stephen Kent <kent@bbn.com> Mon, 31 March 2014 15:17 UTC
Return-Path: <kent@bbn.com>
X-Original-To: trans@ietfa.amsl.com
Delivered-To: trans@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id D0ACB1A0862 for <trans@ietfa.amsl.com>; Mon, 31 Mar 2014 08:17:01 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -3.611
X-Spam-Level:
X-Spam-Status: No, score=-3.611 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, J_CHICKENPOX_45=0.6, RCVD_IN_DNSWL_MED=-2.3, SPF_PASS=-0.001, T_RP_MATCHES_RCVD=-0.01] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id cStGqfwfjQS9 for <trans@ietfa.amsl.com>; Mon, 31 Mar 2014 08:17:00 -0700 (PDT)
Received: from smtp.bbn.com (smtp.bbn.com [128.33.1.81]) by ietfa.amsl.com (Postfix) with ESMTP id 245A41A066B for <trans@ietf.org>; Mon, 31 Mar 2014 08:17:00 -0700 (PDT)
Received: from dhcp89-089-218.bbn.com ([128.89.89.218]:49236) by smtp.bbn.com with esmtp (Exim 4.77 (FreeBSD)) (envelope-from <kent@bbn.com>) id 1WUdxQ-000H86-NP for trans@ietf.org; Mon, 31 Mar 2014 11:17:04 -0400
Message-ID: <533986E8.6040201@bbn.com>
Date: Mon, 31 Mar 2014 11:16:56 -0400
From: Stephen Kent <kent@bbn.com>
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.7; rv:24.0) Gecko/20100101 Thunderbird/24.4.0
MIME-Version: 1.0
To: trans@ietf.org
References: <r422Ps-1075i-50EDDACBA0064390A2CED9708B9D3E07@Williams-MacBook-Pro.local>
In-Reply-To: <r422Ps-1075i-50EDDACBA0064390A2CED9708B9D3E07@Williams-MacBook-Pro.local>
Content-Type: text/plain; charset="us-ascii"; format="flowed"
Content-Transfer-Encoding: 7bit
Archived-At: http://mailarchive.ietf.org/arch/msg/trans/a0R5D8KFTnKr7RelzSjT6h_Jlpc
Subject: Re: [Trans] RFC6962 BIS Log file encodings.
X-BeenThere: trans@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: Public Notary Transparency working group discussion list <trans.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/trans>, <mailto:trans-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/trans/>
List-Post: <mailto:trans@ietf.org>
List-Help: <mailto:trans-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/trans>, <mailto:trans-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 31 Mar 2014 15:17:02 -0000
Bill, > On 3/28/14 at 11:47 AM, eabalea@gmail.com (Erwann Abalea) wrote: > >> I don't see the problem with ASN.1. > > IMHO, the problem with ASN.1 is that it is too complex. There exists a > history of attacks on computer security by sending malformed ASN.1 > irritating bugs in ASN.1 encoders. In addition, the ability to specify > "infinite" length data has caused buffer overruns. > > ASN.1 fans my say that these bugs have all been fixed, and they may be > right if no new ASN.1 interpreters are written. > > However, complexity is always a bad thing in a security protocol. Make > it only as complex as necessary, and no more complex. > > Cheers - Bill I agree that ASN.1 is complex, and if this were a new protocol, not tied to any existing ASN.1-based data structures, I would not select ASN.1 as a starting point. But since we're talking about data from a TBS cert,since the generators of the data are CAs (who should know how to process ASN.1), and since the consumers of the data are browsers who already process certs, it seems reasonable to stick with ASN.1. Steve
- [Trans] RFC6962 BIS Log file encodings. Phillip Hallam-Baker
- Re: [Trans] RFC6962 BIS Log file encodings. Rob Stradling
- Re: [Trans] RFC6962 BIS Log file encodings. Phillip Hallam-Baker
- Re: [Trans] RFC6962 BIS Log file encodings. Eran Messeri
- Re: [Trans] RFC6962 BIS Log file encodings. Rick Andrews
- Re: [Trans] RFC6962 BIS Log file encodings. David A. Cooper
- Re: [Trans] RFC6962 BIS Log file encodings. Rick Andrews
- Re: [Trans] RFC6962 BIS Log file encodings. Phillip Hallam-Baker
- Re: [Trans] RFC6962 BIS Log file encodings. Rick Andrews
- Re: [Trans] RFC6962 BIS Log file encodings. Salz, Rich
- Re: [Trans] RFC6962 BIS Log file encodings. Erwann Abalea
- Re: [Trans] RFC6962 BIS Log file encodings. Bill Frantz
- Re: [Trans] RFC6962 BIS Log file encodings. Erwann Abalea
- Re: [Trans] RFC6962 BIS Log file encodings. Bill Frantz
- Re: [Trans] RFC6962 BIS Log file encodings. Rob Stradling
- Re: [Trans] RFC6962 BIS Log file encodings. Rob Stradling
- Re: [Trans] RFC6962 BIS Log file encodings. Stephen Kent
- Re: [Trans] RFC6962 BIS Log file encodings. Stephen Kent
- Re: [Trans] RFC6962 BIS Log file encodings. Salz, Rich
- Re: [Trans] RFC6962 BIS Log file encodings. Ben Laurie
- Re: [Trans] RFC6962 BIS Log file encodings. Ben Laurie
- Re: [Trans] RFC6962 BIS Log file encodings. Ben Laurie
- Re: [Trans] RFC6962 BIS Log file encodings. Stephen Kent
- Re: [Trans] RFC6962 BIS Log file encodings. Bill Frantz
- Re: [Trans] RFC6962 BIS Log file encodings. Gervase Markham
- Re: [Trans] RFC6962 BIS Log file encodings. Gervase Markham
- Re: [Trans] RFC6962 BIS Log file encodings. Ben Laurie
- Re: [Trans] RFC6962 BIS Log file encodings. Eran Messeri