[144644] in cryptography@c2.net mail archive
Re: The latest Flash vulnerability and monoculture
daemon@ATHENA.MIT.EDU (Perry E. Metzger)
Sun Jul 26 23:22:13 2009
To: Jerry Leichter <leichter@lrw.com>
Cc: cryptography@metzdowd.com
From: "Perry E. Metzger" <perry@piermont.com>
Date: Sun, 26 Jul 2009 23:20:32 -0400
In-Reply-To: <5A3AE06B-1554-41CE-96CF-14BCD2AC36E9@lrw.com> (Jerry Leichter's message of "Sun\, 26 Jul 2009 23\:09\:38 -0400")
Jerry Leichter <leichter@lrw.com> writes:
> While I agree with the sentiment and the theory, I'm not sure that it
> really works that way. How many actual implementations of typical
> protocols are there?
I'm aware of at least four TCP/IP implementations in common use, several
common HTTP servers (though there are far more uncommon ones), at least
four or six common web browsers (depending on whether you count the
several that use webkit as a single implementation or not), a half dozen
jpeg libraries, three different opentype implementations, etc., etc.
> One way or another, a single implementation usually wins out in the
> OSS community.
See above -- even counting only open source, we have *many*
implementations. Heck, there are even multiple independent open source
SSL, SSH and PGP implementations.
Perry
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo@metzdowd.com
