Re: DER in ac509prof-03

[Russ Housley <housley@xxxxxxxxxx>]

Phil:

You are correct.  In the 1988 series of documents, DER is defined as a 
short list of constraints on ASN.1, and those constraints are enumerated in 
X.509-1988.  We should Reference X.208-1988, X.209-1988, and X.509-1988 to 
provide all of the parts that people need.

I have no problem including a reference to the Larmouth book if people 
think that it will help implementors.

Russ

At 08:33 PM 05/09/2000 -0400, Phillip H. Griffin wrote:
> Hi there,
>
> In section 4.1, just after your use of the deprecated
> "ANY" notation, your profile states incorrectly that "DER
> is defined in [X.208-88]". X.208 defines Abstract Syntax
> Notation ONE (ASN.1), but it does not define any of the
> ASN.1 encoding rules.
>
> Way back in 1988, the time period to which you refer, the
> ASN.1 encoding rules were defined in X.209. Of course both
> X.208 and X.209 have been superseded and relegated along
> with their lists of unresolved defects to the maintenance
> site, at http://www.furniss.co.uk/maint/asn/index.html.
>
> In 1988, only BER existed as an ASN.1 standard, as defined
> in X.209 (though X.509:88 defined a set of restrictions on
> X.209 that they called DER). The DER, PER and CER encoding
> rules were not standardized until 1994. It could be that
> you are referring to "[X.509-88]" in your document rather
> than the current version of X.509 (which defines ACs) to
> try to include some sort of DER support for X.208/209 -
> hard to tell.
>
> The initial DER was created by Hoyt Kesterson's X.509 group.
> Out of their efforts, the ASN.1 DER rules evolved, and are
> now defined in the current ASN.1 standard, X.690. Though the
> spirit of X.509-88 and X.690:DER are the same, X.690:DER
> corrects a number of oversights present in X.509-88. These
> two rule sets differ in slight ways, particularly in how
> bit string values and a few other very small details are
> handled. These distinctions become important when digital
> signatures are involved.
>
> A good description of DER can be found in a free download
> copy of the recent ASN.1 book by John Larmouth, called ASN.1
> Complete, at http://www.nokalva.com/asn1/booksintro.html.
> Hard copy is also available from B&N (not for free I think).
> All of the wrinkles and warts are discussed. Worth a read
> if you have to deal often with such things.
>
> Phil
> ----
> Phillip H. Griffin      Griffin Consulting
> http://asn-1.com        Secure ASN.1 Design & Implementation
> +1-919-832-7008         1625 Glenwood Avenue, Five Points
> +1-919-832-7390 [fax]   Raleigh, North Carolina  27608  USA
> ------------------------------------------------------------