[13769] in cryptography@c2.net mail archive
Re: LibTomNet [v0.01]
daemon@ATHENA.MIT.EDU (Rich Salz)
Tue Jul 8 13:40:28 2003
X-Original-To: cryptography@metzdowd.com
X-Original-To: cryptography@metzdowd.com
Date: Tue, 8 Jul 2003 13:19:46 -0400 (EDT)
From: Rich Salz <rsalz@datapower.com>
To: tom st denis <tomstdenis@yahoo.com>
Cc: EKR <ekr@rtfm.com>,
"cryptography@metzdowd.com" <cryptography@metzdowd.com>
In-Reply-To: <20030708003709.42476.qmail@web41111.mail.yahoo.com>
I think Eric has done a slam-dunk, and perhaps our moderator will close
this thread of dicussion. :)
Eric's cursory examination has shown that Tom's code has a number of
security flaws (that can be fixed) and weaknesses (that are apparently
deliberate), in code that's not much smaller than SSL, and is certainly
less feature-ful.
Congrats on the learning exercise, Tom. Regretablly the big lesson
has avoided you so far.
/r$
--
Rich Salz Chief Security Architect
DataPower Technology http://www.datapower.com
XS40 XML Security Gateway http://www.datapower.com/products/xs40.html
XML Security Overview http://www.datapower.com/xmldev/xmlsecurity.html
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo@metzdowd.com
