On Mon, 5 Jun 2006 20:07:24 -0400, "David Harrington"
<ietfdbh(_at_)comcast(_dot_)net> wrote:
Hi
The security problems identified in
http://www.cert.org/advisories/CA-2002-03.html "Multiple
Vulnerabilities in Many Implementations of the Simple Network
Management Protocol (SNMP)" are not caused by the protocol choice to
use ASN.1, but by vendors incorrectly implementing the protocol (which
was made worse by vendors using toolkits that had the problems).
If "Multiple Vulnerabilities in Implementations" were used to condemn
the encoding methods of protocols that have been incorrectly
implemented, then we would have to condemn an awful lot of IETF
protocols as being very (security) bug prone:
Works for me....
More precisely -- when something is sufficiently complex, it's inherently
bug-prone. That is indeed a good reason to push back on a design. The
question to ask is whether the *problem* is inherently complex -- when the
complexity of the solution significanlty exceeds the inherent complexity of
the problem, you've probably made a mistake. When the problem itself is
sufficiently complex, it's fair to ask if it should be solved. Remember
point (3) of RFC 1925.
I'll note that a number of the protocols you cite were indeed criticized
*during the design process* as too complex. The objectors were overruled.
--Steven M. Bellovin, http://www.cs.columbia.edu/~smb
_______________________________________________
Ietf mailing list
Ietf(_at_)ietf(_dot_)org
https://www1.ietf.org/mailman/listinfo/ietf