Re: ASN.1 readability (was Re: Semi-annual reminder: dumpasn1 utility available)



Robert Klerer wrote:

> But this is where the argument for efficiency breaks.  The relaying party
> for the PKI is often a human being not always a computer program.  Often
> when my browser (or email client) asks me if I want to trust a certificate,
> I have a hard time finding my trusty ASN.1 decoder ring in that limited
> dialog box.  I certainly cannot trust the browser to do it, since they can
> not even display the subject name in a consistent way.  If I could read the
> certificate source itself, I could resolve whatever suspicion I have to the
> validity of the information and let my software validate the cryptographic
> validity of the signature.

You may be able to "resolve whatever suspicion" you "have to the validity of
the information." But how about your grandmother? I know my grandmother will
not, whether the information is displayed in XML or some textual version of
ASN.1/BER/DER.

Regards,
Aram Perez

[snip]