No subject


Tue Dec 1 01:26:09 CET 2009


you cannot compare certs mods with /RSAKeyValue/Modulus/text() mods, yet,
because of un-statedness of the complement issue of the binary (once one
has converted the base64 back into base2 in the case of text() ).

We do know what it is from the cert specs and dependent specs (since the
cert spec and ISO 8825 benefited from a much more formal engineering
process, honed over decades of focused cold-war formal methods applied to
crypto-for-comms problems). In the cert and ISO 8825 spec on BER/DER
encoding of typed values, the mod and exp from the RSA algebra are defined
as INTEGER types (in a SEQUENCE furthermore), and the encoding rules for
the primitive integers specify that an INTEGER value on the wire is: binary
(base 2) and is 2s complement. This is the same as a "signed int" in C,
except that it's not field limited to 8, 16, 32 or 64 bits... The ISO 8825
spec also sets the endian rules for the binary, to be treated as 8-bit
aligned octets.







If we can define a relation that would be the semantics of their syntax, I
think we would have some good justification behind us. And if one day they
create a semantics for their syntax, we can just owl:sameAs the two, and
deprecate ours.

Henry




[Peter Williams] this is all well and good. But can we just make it work
correctly, and reliably, first? This is basic computer communications stuff
(about integer bits on wires) that any networking engineer in IETF gets
right in 2 emails? http://en.wikipedia.org/wiki/Integer_(computer_science)

If you just byte compare an "unsigned int" (xml dsig's rule PROBABLY) and a
"signed int" (cert's rule) even on the same machine, you will get the wrong
answer when comparing. In 80:20 culture (e.g. Toby), intelligent people do
that kind of thing, and then get the wrong answer 20% of the time (or more
like 50%, in this case).

If you want a reference for the foaf+ssl spec on validating a cert against
a foaf file (since the ISO 8825 document is hard to obtain) cite the
document stored at http://luca.ntop.org/Teaching/Appunti/asn1.html. It's
written by a professional mathematician, for crypto engineering purposes,
and educated a thousand web engineers in the 1995 period. It's essentially
a précis of ISO 8825. It distinguishes between the integer value (which we
are discussing) and the tagged integer (in which a tag and length are
prefixed to the value, so one can distinguish INTEGER values from other
typed values in a presentation syntax)
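
An added example, not part of the original message: it compares a DER INTEGER (two's complement, as in a cert) with a base64 text() value by decoding both to integers, and shows that a plain byte comparison of the same two values fails. It assumes, as the message says is probable, that the XML side is base64 of an unsigned big-endian magnitude; the 4-byte modulus is a constructed toy value and all function names are hypothetical.

```python
import base64

def der_integer_content(tlv: bytes) -> bytes:
    """Return the content octets of a single DER INTEGER (tag 0x02)."""
    if len(tlv) < 3 or tlv[0] != 0x02:
        raise ValueError("not a DER INTEGER")
    length, pos = tlv[1], 2
    if length & 0x80:                      # long form: low 7 bits = count of length octets
        n = length & 0x7F
        if n == 0 or len(tlv) < 2 + n:
            raise ValueError("bad length octets")
        length, pos = int.from_bytes(tlv[2:2 + n], "big"), 2 + n
    if length == 0 or pos + length != len(tlv):
        raise ValueError("truncated INTEGER or trailing data")
    return tlv[pos:]

def parse_der_integer(tlv: bytes) -> int:
    """Cert side: content octets are big-endian two's complement (signed)."""
    return int.from_bytes(der_integer_content(tlv), "big", signed=True)

def parse_unsigned_b64(text: str) -> int:
    """XML side (assumed): base64 of a big-endian unsigned magnitude."""
    raw = base64.b64decode("".join(text.split()), validate=True)
    return int.from_bytes(raw, "big", signed=False)

def byte_compare(tlv: bytes, text: str) -> bool:
    """The naive check: compare octets without interpreting them."""
    return der_integer_content(tlv) == base64.b64decode("".join(text.split()))

def same_modulus(tlv: bytes, text: str) -> bool:
    """Compare the two encodings as integers, not as byte strings."""
    n = parse_der_integer(tlv)
    if n <= 0:
        raise ValueError("RSA modulus must be positive")
    return n == parse_unsigned_b64(text)

# Constructed toy modulus whose top bit is set (0xC5...), so DER must
# prepend 0x00 to keep the two's complement value positive.
MAGNITUDE = bytes.fromhex("c53fa10b")
SAMPLE_DER = b"\x02\x05\x00" + MAGNITUDE           # tag, length 5, 00 c5 3f a1 0b
SAMPLE_B64 = base64.b64encode(MAGNITUDE).decode()  # no sign octet on this side

if __name__ == "__main__":
    print("byte compare  :", byte_compare(SAMPLE_DER, SAMPLE_B64))  # octets differ
    print("int compare   :", same_modulus(SAMPLE_DER, SAMPLE_B64))
    print("signed misread:", int.from_bytes(MAGNITUDE, "big", signed=True))
```

A real RSA modulus has its top bit set whenever its bit length is a multiple of 8, which is the usual case, so the DER sign octet is normally present on the cert side.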










