Synonyms are Bad

I’ve been working on TLS lately. The specs, the APIs, and even the docs make me feel dumb. Why is this so hard?! I struggle when it takes 2 hours to do something that should take 20 minutes.

One thing that makes TLS difficult is the jargon and acronyms. To create a certificate you’re gonna encounter:

  • ASN.1
  • CA
  • CN
  • DER
  • EC
  • PEM
  • PKCS 8
  • RSA
  • SAN
  • X.509

Which ones do you recognize?

It slows me down when a concept has multiple names. Here’s one from a codebase that’s usually okay:

fun addSubjectAlternativeName(altName: String) {
  altNames += altName

fun commonName(cn: String) { = cn

The functions use subjectAlternativeName  and commonName but the parameters call these altNames and cn. Do more certificate work and you’ll also see san, which stands for Subject Alternative Name.

One thing? One name.

I am much happier when each concept has exactly one name. I don’t want to wonder whether I can pass a commonName to a function that wants a CN.

I see this problem everywhere. Sometimes within even small projects I puzzle, “is this distinction between file and path deliberate?” “Are bitmap and image different somehow?” “are users and accounts interchangeable?”

If there is a distinction, use distinct names.

But if there isn’t, please don’t. Complexity grows with the number of distinct concepts, and it’s a mistake to create unnecessary complexity.