-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Dan has been an exception to just about every rule, including the "you should take me seriously" rule. Not that this is a good thing, the guy is brilliant...
On Wed, 26 Nov 2008 14:40:42 -0500 Paul Schmehl <[EMAIL PROTECTED]> wrote: >--On November 26, 2008 1:59:27 AM -0600 Elazar Broad ><[EMAIL PROTECTED]> >wrote: > >> >> -----BEGIN PGP SIGNED MESSAGE----- >> Hash: SHA1 >> >> Um, NTLM isn't the only 20 or so year old protocol to take the >rap >> recently, I can think of a low numbered rfc, lets say 1034 and >> 1035. Hindsight is 20/20, and 20 years ago, who would have >thought >> that a 16 bit number was way too small for DNS transaction id, >the >> same "who would have though" goes for NTLM and the rest. Lets >face >> it, protocol design bugs suck, and to completely replace a >widely >> used protocol ranks pretty high in the PiTA hall of fame... >> > >In that particular case Dan Bernstein not only *did* think about >it but >actually did something about it. It's just that no one else was >listening. > >Paul Schmehl, If it isn't already >obvious, my opinions are my own >and not those of my employer. >****************************************** >WARNING: Check the headers before replying -----BEGIN PGP SIGNATURE----- Charset: UTF8 Note: This signature can be verified at https://www.hushtools.com/verify Version: Hush 3.0 wpwEAQECAAYFAkkwQUkACgkQi04xwClgpZiDIQP9FlPRrcxmuee/EiJFAAYZrAeTKvqj Lze+xlyTfWickh0JaczRYfNnho5MWAiie+jF5QjcXPJTch64hWvxm8PzjRbIqcnGGbMa dtvUk7PF7hELryWHy8CRu/WGHq5ejD3CFegdnX9HpbKD8zBXmuJdtNpSc0wwGvGcxe9z XBCqXx4= =w/u9 -----END PGP SIGNATURE----- -- Click here to choose from a huge selection of the billiard accessories you need. http://tagline.hushmail.com/fc/PnY6qxubm7YZMMzPW1eIA3ZOBhrMWDmFw8sLmh0HJftgy2H1YOYys/ _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
