On Wed, 12 Mar 2003 08:54:58 PST, "Hallam-Baker, Phillip"
<pbaker(_at_)verisign(_dot_)com> said:
Please support that accusation with facts.
Netscape, Microsoft and Lotus have interoperated for at least five
years. If you have evidence of incompatibility then please state
the errors so they can get fixed.
<RANT>
And *HOW* many years did Microsoft products *interoperate* before somebody
pointed out the completely b0rked implementation of basic constraints?
How many years did a lot of SNMP products *interoperate* before major holes
in the ASN.1 parser were revealed?
</RANT>
Software that interoperates with things that play nice isn't secure, it's only
interoperable. For security, you need the *additional* constraint that it
refuse to talk to things that are trying to lead it astray.
--
Valdis Kletnieks
Computer Systems Senior Engineer
Virginia Tech
pgpEs7HkqN6Ie.pgp
Description: PGP signature