OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.


Help: OASIS Mailing Lists Help | MarkMail Help



   Re: [xml-dev] Fwd: [e-lang] Protocol implementation errors

[ Lists Home | Date Index | Thread Index ]

Rich Salz wrote,
> Tyler Close wrote,
> > A list of legacy apps that use ASN.1, and haven't experienced the
> > same problems as OpenSSL and SNMP, would do fine.  Surely someone
> > must have safely implemented it.
> The international phone system.

That's a good answer to a different question.

Tyler originally asked for examples of applications which "have not had 
long-lived bugs in their ASN.1 code", which I can only make sense of as 
a request for examples of applications without long-lived 
_undiscovered_ bugs in their ASN.1 code (otherwise OpenSSL would 
qualify, since it's bugs have been fixed pretty quickly once 

But that's an impossible request, short of a formal proof of correctness 
of those ASN.1 _implementations_ and, since such proofs are likely to 
be too complex to be done manually, proofs of the correctness of the 
model-checking software that's used to produce them (then iterate ad 
nauseam). I'd be interested to hear of _any_ non-trivial piece of 
software which comes with this kind of guarantee.




News | XML in Industry | Calendar | XML Registry
Marketplace | Resources | MyXML.org | Sponsors | Privacy Statement

Copyright 2001 XML.org. This site is hosted by OASIS