[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
RE: OCSP-X vs SCVP
- To: <ietf-pkix@xxxxxxx>
- Subject: RE: OCSP-X vs SCVP
- From: "Peter H. Gien" <pgien@xxxxxxxx>
- Date: Sun, 12 Nov 2000 18:27:38 -0500
- Importance: Normal
- In-reply-to: <>
Dan,
Forgive me if I digress from the original topic.
Let's agree that ASN.1 and XML are not really languages such as C and Java.
As such, ASN.1 and XML are simply tag formats that are used to describe
data. I cannot compile ASN.1 nor can I execute XML. The use of one or the
other would not necessarily result in "code bloat". Data bloat yes.
One thing that is for sure though, is that any budding VB programmer can
open an XML document without any trouble. MSXML.DLL is already on their
machine and it opens the document as if by magic. A little more study,
effort and insight is needed to open an ASN.1 file. (OK, a lot more...)
I'd like to add that going forward, XML should be a standard way of
describing all PKIX data structures. Think what has happened to assembly
programming? Delegated to the specialist backwaters of computing (Too much
studying, effort and insight was required). It was replaced with C and
shortly thereafter with C++. The same analogy applies to ASN.1 and XML. The
standard that requires the least amount of intellectual effort to comprehend
and implement is the one that wins. This does not always translate to the
best standard!)
So without sparking a riot, I'd like to agree with the rest of you who are
advocating XML.
Thanks
Peter H. Gien
-----Original Message-----
From: dash@ns.secondary.com [mailto:dash@ns.secondary.com]On Behalf Of
Dan Ash
Sent: Sunday, November 12, 2000 6:36 PM
To: ietf-pkix@imc.org
Subject: RE: OCSP-X vs SCVP
The SCVP draft defines syntax for both ASN.1 and XML A question about
this arose on the list a few months back, where it was mentioned that
supporting both languages would:
- cause "code bloat".
- significantly increase the testing burden
- and cause potential discrepancy when translating from one
language to another.
I might be completely off track here, but is it possible, and does it
make sense to include within the definition of a protocol not only
different languages to represent the content, but also a specification
of how to translate from one language to the another? If so, perhaps
some arbitrary software (independent of the client or the server) could
translate from one language to another... allowing both the client and
the server to deploy in either language. This might alleviate the
problems mentioned above.
In any case, this issue of ASN.1 vs XML is obviously a complex one.
ASN.1 is ingrained in all of PKIX's work... while the user community is
demanding XML.. and for PKIX to begin incorporating XML in anything, I
think there needs to be a direction and a consistent strategy to move
forward with. If there isn't any general direction and strategy, then
I believe that we'd only be promoting confusion. For this, I certainly
agree with Ambarish....that the XML vs. ASN.1 topic should be discussed
independently of OCSPv2 and SCVP so that it may be more clear of how we
can and should proceed if and when it is decided to integrate XML
representation into PKIX efforts.
... Also, I do agree that the topic should be awarded priority if it
hasn't already.
-dan