On Fri, 14 Jan 2011, Phillip Hallam-Baker wrote:
I suggest that the IAB consider a policy for registries that requires all cryptographic and application layer code
points to make use of an approved extensible identifier format, with the two approved forms being URIs and ASN.1 OIDs.
-1
Not technology agnostic.
Variable length instead of fixed length
A single byte or two bytes can work for anyone with any technology, now and 50 years from now.
The main impact of this would be felt in cryptographic protocols. Instead of having separate private use code spaces
being maintained for IPSEC, DNSSEC, TLS and PKIX, each of the protocols would be extended to allow the use of ASN.1 OIDs
(where these are not already used) for private code space. It would be up to the developer of the algorithm to assign
the OID.
It's too late for that now anyway isn't it. The code path is there, and if you want to be compatible
you have to implement it. Adding a second (complicated!) code path isn't going to help anyone make it
easier.
The advantage of this approach would be that the 'vanity crypto' problem would largely disappear. Particularly if the
IETF/SAAG took the approach that it would only recommend algorithms after it was demonstrated that a very substantial
community were either using
catch-22. How can a substantial community use them before it has become a real standard?
Let a hundred flowers bloom and then Darwin can take care from that point on.
I prefer my crypto more intelligently designed.
Paul
_______________________________________________
Ietf mailing list
Ietf@xxxxxxxx
https://www.ietf.org/mailman/listinfo/ietf