I spent a year making an ASN.1 compiler in D

Perceptions of ASN.1

  • Many commenters describe ASN.1 as painful, especially via X.509/PKI and telecom stacks; others strongly defend it as elegant and powerful.
  • Criticisms: over‑engineered, huge spec surface, many edge cases, and decades of buggy implementations (notably mixed BER/DER).
  • Defenses: a well‑designed, generic type system with formalism, extensibility, and multiple encodings; problems blamed more on PKI, X.400/X.500 naming, and bad tooling than on ASN.1 itself.

Technical Pros/Cons and DER vs BER

  • DER’s canonical TLV encoding is seen as a key win for signatures and certificates; several say that if you stick to DER and a limited subset of ASN.1, life is manageable.
  • BER and non‑canonical encodings are widely blamed for complexity and interoperability bugs.
  • Some insist DER can be parsed generically without a schema; others note that IMPLICIT tagging and OCTET‑STRING‑wrapped subvalues make semantics opaque without specifications.
  • The zoo of string and time types (many legacy encodings) is seen as crusty but mostly ignorable in modern profiles (e.g., “just use UTF8String/GeneralizedTime”).
  • PER/OER and non‑TLV encodings are praised as more compact but harder to use without a shared schema.
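
Both sides of the schema-less parsing point above, as an added example that is not code from the discussion or from the compiler: a minimal generic DER walker in Python, run over a constructed 16-byte sample. The function names, the sample bytes and the restriction to single-byte tags are assumptions of this sketch.

```python
# Added example: schema-less DER walker (single-byte tags only).
UNIVERSAL = {0x02: "INTEGER", 0x04: "OCTET STRING", 0x0C: "UTF8String", 0x30: "SEQUENCE"}
CLASS = ("UNIVERSAL", "APPLICATION", "context", "PRIVATE")

def read_tlv(buf, pos=0):
    """Return (tag, value, next_pos), enforcing DER's definite, minimal lengths."""
    if pos + 2 > len(buf):
        raise ValueError("truncated header")
    tag, first = buf[pos], buf[pos + 1]
    if tag & 0x1F == 0x1F:
        raise ValueError("multi-byte tags not handled in this sketch")
    pos += 2
    if first < 0x80:
        length = first                      # short form
    elif first == 0x80:
        raise ValueError("indefinite length is BER, not DER")
    else:
        n = first & 0x7F                    # long form: n length octets follow
        raw = buf[pos:pos + n]
        if len(raw) != n or raw[0] == 0:
            raise ValueError("truncated or zero-padded length")
        length = int.from_bytes(raw, "big")
        if length < 0x80:
            raise ValueError("long form used where short form fits")
        pos += n
    if pos + length > len(buf):
        raise ValueError("value overruns buffer")
    return tag, buf[pos:pos + length], pos + length

def walk(buf):
    """Describe each TLV using only what the bytes themselves say."""
    out, pos = [], 0
    while pos < len(buf):
        tag, value, pos = read_tlv(buf, pos)
        cls, num = tag >> 6, tag & 0x1F
        name = UNIVERSAL.get(tag, f"UNIVERSAL {num}") if cls == 0 else f"{CLASS[cls]}[{num}]"
        # Constructed (bit 0x20): recurse. Primitive: opaque bytes, shown as hex.
        out.append((name, walk(value) if tag & 0x20 else value.hex()))
    return out

# Constructed sample: SEQUENCE { INTEGER 5, [0] IMPLICIT <?>, OCTET STRING { DER inside } }
SAMPLE = bytes.fromhex("300e0201058002686904053003020101")

if __name__ == "__main__":
    (_, fields), = walk(SAMPLE)
    print(fields)
    # The [0] bytes 68 69 are equally valid as INTEGER or UTF8String; only a schema decides.
    raw = bytes.fromhex(fields[1][1])
    print(int.from_bytes(raw, "big"), raw.decode())
    # The OCTET STRING is a leaf to the walker; a schema must say it wraps more DER.
    print(walk(bytes.fromhex(fields[2][1])))
```

The structure is recovered without a schema, but the `[0]` element and the contents of the OCTET STRING stay uninterpreted until something outside the bytes says what they are.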

Alternatives and “What If Designed Today?”

  • Comparisons with Protobuf, Thrift, JSON, CBOR, JWT/JOSE:
    • Some call Protobuf “ASN.1 with better tooling,” others say they’re fundamentally different.
    • CBOR/COSE is viewed as a modern, self‑describing binary alternative with canonical forms; a candidate for future security protocols.
    • If TLS/PKI were designed today, several expect JSON/CBOR‑based formats (JWT/CWT‑like), others think Protobuf would be chosen.
  • Debate over canonical encodings: some argue they’re unnecessary if you always verify over the original bytes.

Implementation Experiences

  • Multiple people built or extended ASN.1 compilers (in D, C, Java, Swift, Rust) and describe it as “hurts, but in a good way.”
  • Real‑world uses: Web PKI, SNMP MIBs, eIDAS/PAdES, passports, aircraft/ATN messaging; embedded contexts sometimes hand‑roll small decoders and cope with non‑compliant encodings.
  • ASN.1 is praised for enabling strict schemas, typed “holes,” and compact encodings; also blamed for unforgiving edge cases where the last 20% takes most of the effort.

Discussion of D Language

  • Many like D’s design: native binaries, C/C++ interop, fast compilation, UFCS, built‑in unit tests, contracts, and ImportC.
  • Concerns: missed adoption window, weaker ecosystem and tooling versus Go/Rust, historical stigma of proprietary compilers (though now open), and a standard library (Phobos) full of “paper cuts.”
  • Lengthy argument over the optional GC:
    • One side: optional GC fractures the ecosystem and limits library reuse in GC‑free code.
    • Other side: this is no worse than subsets in C++/Rust; GC is just one allocator among many, and D’s strength is mixing GC and manual memory management.
  • People suggest D needs a “killer framework” (e.g., web or game engine) and better async/coroutines to regain momentum; work on Phobos v3 and coroutines is mentioned but future impact is uncertain.