DOC-BUG: Security considerations for parsing records

ietf-mxcomp

DOC-BUG: Security considerations for parsing records

2004-09-03 15:47:47

I haven't seen this mentioned in the drafts, but I remember someoneBellovin bringing this up in a different forum in regards to SPF a fewmonths ago. Among the two RR formats for Sender-ID, is the TXT format.As Steve pointed out, parsing any kind of free form data can potentiallylead to security issues if the parsers are not written properly (such asbuffer overruns). Therefore, it might be useful to add a section or justa few sentences to mention that issue.


Yakov

[More with this subject...]

<Prev in Thread]	Current Thread	[Next in Thread>
DOC-BUG: Security considerations for parsing records, Yakov Shafranovich <= Re: DOC-BUG: Security considerations for parsing records, william(at)elan.net Issues raised in comments by Steve Belovin from January 2004, william(at)elan.net Re: Issues raised in comments by Steve Belovin from January 2004, Chris Haynes

Previous by Date:	Re: consensus call on MUST/SHOULD language for TXT records, mazieres
Next by Date:	Re: consensus call on MUST/SHOULD language for TXT records, william(at)elan.net
Previous by Thread:	consensus call on MUST/SHOULD language for TXT records, Andrew Newton
Next by Thread:	Re: DOC-BUG: Security considerations for parsing records, william(at)elan.net
Indexes:	[Date] [Thread] [Top] [All Lists]