On Fri, Dec 18, 2015 at 2:37 PM, David Howells <dhowe...@redhat.com> wrote:
>
> Except that it has been argued that they have to be there or someone can use
> dates that contribute to the signature to fake a signed content. Admittedly
> being able to have a seconds=60 value in somewhere that should stop at 59
> doesn't allow a lot of contribution...

Oh Christ, you've been talking to the crazies again.

Here's a good rule of thumb: the more vocal the security person is, the more likely he is wrong and crazy.

Allowing '24' in the hour field (and '60' in the second) field adds something like one twentieth of a bit of extra information for an attacker to play with. Not one whole bit. One _twentieth_ of a bit. They already had access to the range 0-23 and 0-59, giving them access to a slightly larger range doesn't really give them anything fundamentally more interesting.

If your key uniqueness depends on that kind of "much less than one bit of information" security, your key is garbage.

In other words, it's not an argument you should care about.

Btw, if you want a *real* bit of information that you can actually use to make informed judgement that is worth something, then use *that* bit: the kind of people who spout idiotic theoretical nonsense like that, are people you should ignore.

What else did they tell you? Because that was probably crap too.

There are good security people out there, but there's a lot of crackpots out there too. You need to recognize the crackpots.

Another good rule of thumb: if you can make the code simpler and more obvious, do it. Because *that* is going to make it a hell of a lot more secure than trying to be clever about when you can allow 24 or 60 in the hours/seconds field.

Linus