RE: Poll on Exclusive Canonicalization from Phillip Hallam-Baker on 2001-06-20 (w3c-ietf-xmldsig@w3.org from April to June 2001)

From: Phillip Hallam-Baker <pbaker@verisign.com>
Date: Wed, 20 Jun 2001 11:29:22 -0700
To: "'Phil Griffin'" <phil.griffin@asn-1.com>, Phillip Hallam-Baker <pbaker@verisign.com>
Cc: "'Donald E. Eastlake 3rd'" <dee3@torque.pothole.com>, w3c-ietf-xmldsig@w3.org
Message-ID: <2F3EC696EAEED311BB2D009027C3F4F40154C9AB@vhqpostal.verisign.com>

> > > Was it a mistake to standardize DER?
> > 
> > Yes, total, complete and collosal. It was an utter failure.
> 
> Well, at least it managed to get SSL and the like
> going. That's a little better than nothing I suppose.

Untrue. The SSL implementations have NEVER depended on DER encoding. None of
the implementations in common use check for DER conformance - for the good
reason that it causes implementations to break.

Netscape and IE to this day carry root certificates that are not even in DER
encoding. According to DER the attribute sets should be sorted into order.

Once upon a time there was a law that said that every car produced had to
carry a 500 lb block of concrete. This was widely criticized as the concrete
block had no benefit but increased the fuel consumption and took up space.
When questioned about it the legislator who had proposed the law smilled and
said "of course the concrete block was needed, as the success of the
automobile industry proves".


There are good arguments for C14N in XML. DER encoding is not one of them.


	Phill

Attachments

application/octet-stream attachment: Phillip_Hallam-Baker__E-mail_.vcf

Received on Wednesday, 20 June 2001 14:29:37 UTC