[18982] in cryptography@c2.net mail archive
Re: "ISAKMP" flaws?
daemon@ATHENA.MIT.EDU (Florian Weimer)
Fri Nov 18 15:33:42 2005
X-Original-To: cryptography@metzdowd.com
From: Florian Weimer <fw@deneb.enyo.de>
To: William Allen Simpson <wsimpson@greendragon.com>
Cc: cryptography@metzdowd.com
Date: Fri, 18 Nov 2005 11:03:14 +0100
In-Reply-To: <437D17CB.6000402@greendragon.com> (William Allen Simpson's
message of "Thu, 17 Nov 2005 18:52:43 -0500")

* William Allen Simpson:
> Quoting "Photuris: Design Criteria", LNCS, Springer-Verlag, 1999:
>
> The hallmark of successful Internet protocols is that they are
> relatively simple. This aids in analysis of the protocol design,
> improves implementation interoperability, and reduces operational
> considerations.
>
> Compare with Photuris [RFC-2522], where undergraduate (Keromytis) and
> graduate (Spatscheck, Provos) students independently were able to
> complete interoperable implementations (in their spare time) in a
> month or so....

Photuris uses a baroque variable-length integer encoding similar to
that of OpenPGP, a clear warning sign. 8-/ The protocol also contains
nested containers which may specify conflicting lengths. This is one
common source of parser bugs.
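
The conflicting-length problem named in the message above, as an added example (not part of the original post and not Photuris code): a C parser that bounds every nested item by its parent's declared length rather than by the datagram length. The type/length/value format, the function names and the sample bytes are constructed for illustration and are not the Photuris wire format.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Constructed format (an assumption, not the Photuris wire format):
 * item = type (1 octet) | length (2 octets, big-endian) | value.
 * A container is an item whose value is itself a sequence of items. */
#define HDR 3

static size_t be16(const uint8_t *p) { return ((size_t)p[0] << 8) | p[1]; }

/* Walk the items in buf[0..len). Returns the item count, or -1 if any
 * declared length runs past the bytes the parent actually granted. */
static int count_items(const uint8_t *buf, size_t len)
{
    size_t off = 0;
    int n = 0;
    while (off < len) {
        if (len - off < HDR) return -1;         /* truncated item header */
        size_t vlen = be16(buf + off + 1);
        if (vlen > len - off - HDR) return -1;  /* value overruns parent */
        off += HDR + vlen;
        n++;
    }
    return n;
}

/* Parse one container from a datagram. The inner walk is bounded by the
 * container's declared length, so a child cannot claim bytes outside it. */
int parse_container(const uint8_t *dgram, size_t dgram_len)
{
    if (dgram_len < HDR) return -1;
    size_t outer = be16(dgram + 1);
    if (outer > dgram_len - HDR) return -1;     /* outer overruns datagram */
    return count_items(dgram + HDR, outer);
}

/* Constructed samples: consistent; inner 6 > outer 5; outer > datagram. */
const uint8_t ok_msg[] = {1,0,9, 2,0,2,0xAA,0xBB, 3,0,1,0xCC};
const uint8_t conflict_msg[] = {1,0,5, 2,0,6,0xAA,0xBB, 0xDE,0xAD,0xBE,0xEF};
const uint8_t short_msg[] = {1,0,0x20, 2};

int main(void)
{
    printf("ok:       %d\n", parse_container(ok_msg, sizeof ok_msg));
    printf("conflict: %d\n", parse_container(conflict_msg, sizeof conflict_msg));
    printf("short:    %d\n", parse_container(short_msg, sizeof short_msg));
    return 0;
}
```

In `conflict_msg` the inner length of 6 would still fit inside the datagram, so a parser that checks only against the datagram length would accept it and read past the end of the container.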