Re: Best practice for data encoding?

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

Some ASN.1 compilers have had some bugs, however, this does not to indicate that
ASN.1 is bug prone. Just the opposite: Once you have a secure compiler, you can
be assured that certain kinds of bugs don't exist.

Further, in the few cases of the bugs that were found, once the bug is fixed in
the ASN.1 compiler, the application just needs to be relinked (or given new
shared library) with the new generated runtime.  And any other application which
used a vulnerable runtime, but for which the vulnerability was unknown, is also
fixed.  So, users of compiled runtime benefit from usage experience by the
entire group.

Building tools that make trustable runtimes is a good approach to certain
classes of security problems. You can't get this by hand written protocol
encode/decode layers.

		--Dean

On Mon, 5 Jun 2006, Iljitsch van Beijnum wrote:

> I was wondering:
> 
> What is considered best practice for encoding data in protocols  
> within the IETF's purview?
> 
> Traditionally, many protocols use text but obviously this doesn't  
> really work for protocols that carry a lot of data, because text  
> lacks structure so it's hard to parse. XML and the like are text- 
> based and structured, but take huge amounts of code and processing  
> time to parse (especially on embedded CPUs that lack the more  
> advanced branch prediction available in the fastest desktop and  
> server CPUs). Then there is the ASN.1 route, but as we can see with  
> SNMP, this also requires lots of code and is very (security) bug  
> prone. Many protocols use "hand crafted" binary formats, which has  
> the advantage that the format can be tailored to the application but  
> it requires custom code for every protocol and it's hard to get  
> right, especially the simplicity/extendability tradeoff.
> 
> The ideal way to encode data would be a standard that requires  
> relatively little code to implement, makes for small files/packets  
> that are fast to process but remains reasonably extensible.
> 
> So, any thoughts? Binary XML, maybe?
> 
> _______________________________________________
> Ietf mailing list
> Ietf@xxxxxxxx
> https://www1.ietf.org/mailman/listinfo/ietf
> 
> 

-- 
Av8 Internet   Prepared to pay a premium for better service?
www.av8.net         faster, more reliable, better service
617 344 9000   



_______________________________________________

Ietf@xxxxxxxx
https://www1.ietf.org/mailman/listinfo/ietf
[Index of Archives]     [IETF Annoucements]     [IETF]     [IP Storage]     [Yosemite News]     [Linux SCTP]     [Linux Newbies]     [Fedora Users]