W3C home > Mailing lists > Public > w3c-ietf-xmldsig@w3.org > April to June 2001

RE: Poll on Exclusive Canonicalization

From: Phillip Hallam-Baker <pbaker@verisign.com>
Date: Wed, 20 Jun 2001 11:29:22 -0700
Message-ID: <2F3EC696EAEED311BB2D009027C3F4F40154C9AB@vhqpostal.verisign.com>
To: "'Phil Griffin'" <phil.griffin@asn-1.com>, Phillip Hallam-Baker <pbaker@verisign.com>
Cc: "'Donald E. Eastlake 3rd'" <dee3@torque.pothole.com>, w3c-ietf-xmldsig@w3.org
> > > Was it a mistake to standardize DER?
> > 
> > Yes, total, complete and collosal. It was an utter failure.
> 
> Well, at least it managed to get SSL and the like
> going. That's a little better than nothing I suppose.

Untrue. The SSL implementations have NEVER depended on DER encoding. None of
the implementations in common use check for DER conformance - for the good
reason that it causes implementations to break.

Netscape and IE to this day carry root certificates that are not even in DER
encoding. According to DER the attribute sets should be sorted into order.

Once upon a time there was a law that said that every car produced had to
carry a 500 lb block of concrete. This was widely criticized as the concrete
block had no benefit but increased the fuel consumption and took up space.
When questioned about it the legislator who had proposed the law smilled and
said "of course the concrete block was needed, as the success of the
automobile industry proves".


There are good arguments for C14N in XML. DER encoding is not one of them.


	Phill



Received on Wednesday, 20 June 2001 14:29:37 GMT

This archive was generated by hypermail 2.2.0 + w3c-0.29 : Thursday, 13 January 2005 12:10:13 GMT