Ashley Kopman <akop...@conceptsbeyond.com> writes:
>But I want to be clear that I do not intend to implement a solution and try
>to sell it to the community.
Sure, and I wasn't saying that, just pointing out the problems that have
arisen in other situations where industry bodies have adopted orphan standards
that ended up requiring custom implementations and support, which gives
vendors a pretty captive market.
Speaking of which, the ASN.1 diagnostic tool dumpasn1 doesn't currently have
any real support for SCVP in it because until now I've never been able to find
any examples of it. Do you, or anyone else, have samples of a typical request
and response, and the accompanying policy request and response, that I could
use to test dumpasn1 on? I haven't looked at RFC 5055 for a long time but
just skimmed it recently and it looks like a prime example of the problems I
described in my previous message, all SEQUENCE OF SEQUENCE { CHOICE { CHOICE {
CHOICE { SEQUENCE OF { OPTIONAL, OPTIONAL, OPTIONAL, OPTIONAL, OPTIONAL } } }
} }, there's so many variants and optional pieces that I'd have no idea what's
actually used in practice. That's also why I'm fairly surprised that anyone
was able to achieve interoperability with that as the spec, unless there's a
profile of it somewhere that I don't know about.
Peter.
_______________________________________________
TLS mailing list
TLS@ietf.org
https://www.ietf.org/mailman/listinfo/tls
