OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.


Help: OASIS Mailing Lists Help | MarkMail Help



   Re: [xml-dev] Fwd: [e-lang] Protocol implementation errors

[ Lists Home | Date Index | Thread Index ]

> Are you saying it doesn't make sense to ask why ASN.1 has been
> vulnerable to long-lived bugs? We are not talking about just one
> bug in just one implementation.

In every case so far, it's been untested code paths.  As others have 
said, that's not ASN1/[BDPX]ER's fault.

> Using a technology without studying its past failures is not good
> engineering practice.

Thanks for the lesson.

Rich Salz, Chief Security Architect
DataPower Technology                           http://www.datapower.com
XS40 XML Security Gateway   http://www.datapower.com/products/xs40.html
XML Security Overview  http://www.datapower.com/xmldev/xmlsecurity.html


News | XML in Industry | Calendar | XML Registry
Marketplace | Resources | MyXML.org | Sponsors | Privacy Statement

Copyright 2001 XML.org. This site is hosted by OASIS