OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.


Help: OASIS Mailing Lists Help | MarkMail Help



   Re: [xml-dev] Fwd: [e-lang] Protocol implementation errors

[ Lists Home | Date Index | Thread Index ]

On Saturday 04 October 2003 02:52, Miles Sabin wrote:
> Rich Salz wrote,
> > Tyler Close wrote,
> >
> > > A list of legacy apps that use ASN.1, and haven't experienced the
> > > same problems as OpenSSL and SNMP, would do fine.  Surely someone
> > > must have safely implemented it.
> >
> > The international phone system.

Interesting. Can you be more specific?

> That's a good answer to a different question.

No, it's close to the answer I was looking for.

> Tyler originally asked for examples of applications which "have not had
> long-lived bugs in their ASN.1 code", which I can only make sense of as
> a request for examples of applications without long-lived
> _undiscovered_ bugs in their ASN.1 code (otherwise OpenSSL would
> qualify, since it's bugs have been fixed pretty quickly once
> discovered).
> But that's an impossible request, short of a formal proof of correctness
> of those ASN.1 _implementations_ and, since such proofs are likely to
> be too complex to be done manually, proofs of the correctness of the
> model-checking software that's used to produce them (then iterate ad
> nauseam). I'd be interested to hear of _any_ non-trivial piece of
> software which comes with this kind of guarantee.

On Friday 03 October 2003 16:22, Miles Sabin wrote:
> Now you're just being silly.

Right back at you.



News | XML in Industry | Calendar | XML Registry
Marketplace | Resources | MyXML.org | Sponsors | Privacy Statement

Copyright 2001 XML.org. This site is hosted by OASIS