Bug#503833: Unparseable PKCS cert

[Nikos Mavrogiannopoulos]

On Fri, Nov 7, 2008 at 10:16 AM, Simon Josefsson <simon at josefsson.org> wrote:

> I just realized: doesn't Nikos' patch actually do two separate things?
>
> 1) Add the BER stuff needed to support the PKCS#12 blob
>
> 2) Optimize tree generation by using the small_value field.
>
> It is the 2) that causes the ABI break, but 1) that is needed to solve
> to the regression.
>
> Thinking about this, and speaking generally, I don't think optimizations
> are important enough to warrant an ABI break without good justification.
> Nikos, did you do any benchmarking?  How much is slowed down because of
> this?

I don't think this is a question that we would like to set to
ourselves. It leads to another questions on which optimization would
be good enough or which addition is good enough to justify the break.

The real question would be whether we want the internal structures
published on the public API. I don't think we want this. It leads to
us being handicap (like we are now) to apply any optimization/addition
to the internal works of the library. Thus for me it is a good thing
to move them away as soon as we can to allow further development on
libtasn1.

The other question is whether someone would like to split this patch
and apply the fix for the another compatible stable release to be
made, or just for debian version to apply it. I am not interested in
doing it, but I wouldn't object either. It is a good thing to do.

> I'm beginning to feel that we should remove the small_value part of this
> patch, to retain ABI compatibility.

No I am strongly against such a move. We would have to answer again
this question on the next serious change. By insisting on being
backwards compatible (without a serious reason) we will prevent any
further development on this library.

regards,
Nikos