"ISAKMP" flaws?
Florian Weimer
fw at deneb.enyo.de
Fri Nov 18 05:03:14 EST 2005
* William Allen Simpson:
> Quoting "Photuris: Design Criteria", LNCS, Springer-Verlag, 1999:
>
> The hallmark of successful Internet protocols is that they are
> relatively simple. This aids in analysis of the protocol design,
> improves implementation interoperability, and reduces operational
> considerations.
>
> Compare with Photuris [RFC-2522], where undergraduate (Keromytis) and
> graduate (Spatscheck, Provos) students independently were able to
> complete interoperable implementations (in their spare time) in a
> month or so....
Photuris uses a baroque variable-length integer encoding similar to
that of OpenPGP, a clear warning sign. 8-/ The protocol also contains
nested containers which may specify conflicting lengths. This is one
common source of parser bugs.
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com
More information about the cryptography
mailing list