Tanja Lange <[email protected]> writes:

>Maybe it just was a rethorical quations,  but here is a quick brain dump,
>sorry if I missed anybody's favoite:

All of those are implementation errors:

- If you implement known-broken crypto, it's an implementation error.
- If you implement RSA with too-short keys, it's an implementation error.
- If your implementation chooses weak primes for RSA, it's an implementation 
error.
- If you get RSA padding wrong, it's an implementation error.

More generally, if you implement crypto badly, it's an implementation error.
For example if I implement RSA with p = q, that's a (pretty bad)
implementation error.

Peter.
_______________________________________________
TLS mailing list -- [email protected]
To unsubscribe send an email to [email protected]

Reply via email to