On Tue, Jun 21, 2011 at 2:10 PM, Marsh Ray <[email protected]> wrote:
> On 06/21/2011 10:27 AM, Nico Williams wrote:
>>
>> Martin Rex found the TLS renegotiation bug independently from Marsh
>> Ray by thinking of how the SSPI is used to interface to TLS. The SSPI
>> was so faithful to TLS that it really exposed the bug.
>
> Right, so one of the lessons learned here was that if IETF had considered
> APIs and not just protocols those bugs in TLS would have been found long
> ago.

+1e6. Note that I don't mean that we need to standardize APIs for every programming language, or even any -- just abstract APIs would go a great distance in terms of security analysis not just of the protocol but how it's used. There are folks who look at the GSS-API and disdainfully think "oh my gawd, that's so complex", when in fact most GSS apps use a very simple subset of the API. By having an API we gained a lot.

> This gets back to the idea of a protocol being developed and blessed as
> "secure" from a crypto perspective, but those who go to implement it do so
> primarily with the goals of simplicity, efficiency, interoperability,
> functionality, and security. There's sometimes a huge DMZ between the two
> mindsets which makes a nice playground for attackers, hackers, and Murphy's
> Law.

Yes. We must look at whole-system security.

Nico
--
_______________________________________________
cryptography mailing list
[email protected]
http://lists.randombit.net/mailman/listinfo/cryptography
