Hacker News new | comments | ask | show | jobs | submit login

> Since binary data can be a pain to transmit, it’s often further encoded into PEM. PEM is essentially just Base64-encoded DER.

Why's binary data a pain to transmit and how does base64 encoding help with that?

There are usually far more ways to move text around than arbitrary binary bits, such as copy-pasting in terminals and web forms. It also lets you embed certificates in formats that don't normally support literal binary data, such as JSON.

To add to this already good explanation, it's my understanding that base64 and the MIME packaging scheme were invented because many early Internet protocols made a distinction between text mode and binary mode due to the majority of the protocol framing being text. You can thank them for that textual decision(?) when you're debugging SMTP with a copy of netcat, but it means that a PDF attachment needs to be encoded to travel over email.

To bring this conversation back to PKI, base64 encoding means you can embed the GPG signature of your email body in the text itself, without having to deal with attachments like S/MIME does

PEM format also adds the "----- BEGIN …" header/footer around the base64-encoded contents, which helps humans identify what the blob is.

Applications are open for YC Summer 2019

Guidelines | FAQ | Support | API | Security | Lists | Bookmarklet | Legal | Apply to YC | Contact