[122764] in cryptography@c2.net mail archive
Re: User interface, security, and "simplicity"
daemon@ATHENA.MIT.EDU (Peter Gutmann)
Wed May 7 13:56:30 2008
From: pgut001@cs.auckland.ac.nz (Peter Gutmann)
To: cryptography@metzdowd.com, jamesd@echeque.com
In-Reply-To: <4820F784.9010005@echeque.com>
Date: Wed, 07 May 2008 17:01:35 +1200
"James A. Donald" <jamesd@echeque.com> writes:
>In any program subject to attack, all strings should have known, documented,
>and enforced maximum length, a length large enough for all likely legitimate
>uses, and no larger.
Precisely. An example of where dynamic strings can lead you is what happens
to old (very old) versions of Netscape when you feed them a cert with, say, an
MPEG of a cat in the X.500 DN. Netscape happily accepts the cert but you then
have to reinstall the browser because while it'll quite readily accept
ridiculously long values it doesn't actually cope with them very well. A
security component that's trivially taken out by a DoS isn't a security
component, it's a vulnerability.
Peter.
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo@metzdowd.com
