Lists Home |
Date Index |
> Back in the early 80's when we were beginning the process of
> defining what eventually became X.400, X.500, ASN.1 etc., the ASN.1
> world had a long drawn-out battle with the SGML folk over the encoding
> to use. For many really good reasons (processing speed, compact
> encoding, clarity of specification, etc.) ASN.1 beat the forces of
> IBM, Goldfarb, etc. and all was good.
Won the battle, lost the war on every other front: MIME beat X.400,
LDAP like a virus wrapped around X.500 and then killed it become the
directory by itself, TCP/IP smothered CLNS et al, SunRPC, DCE, DCOM,
etc killed ROSE (is that the right one?) and so on.
The only thing that lasted was ASN.1. Arguably the only reason
that lasted was because at the time RSA, MIT, et al were defining
the PKCS specs, ASN.1 was the only thing there was. Jef Schiller,
the MIT/IETF guy who mandated ASN.1 use in Kerberos later called
that decision "a brain f*rt." If the security/crypto guys hadn't
used it, then the only thing keeping it alive on the Internet would
be LDAP, and it was probably 50-50 that they didn't go Corba IIOP. :)
ASN.1's biggest success is in phone companies. The same folks who
own ITU. The connection is probably not a coincidence.
ASN.1 didn't win. It lasted long enough so that it might come back into
style again. Wait long enough and the same could be said for bell-bottoms.
> It is *still* better to design using abstract concepts, not concrete
Proof by assertion. I don't buy it. Especially not for network protocols.
Rich Salz Chief Security Architect
DataPower Technology http://www.datapower.com
XS40 XML Security Gateway http://www.datapower.com/products/xs40.html
XML Security Overview http://www.datapower.com/xmldev/xmlsecurity.html