"ISAKMP" flaws?
Bill Stewart
bill.stewart at pobox.com
Tue Nov 22 04:02:24 EST 2005
At 06:56 PM 11/18/2005, William Allen Simpson wrote:
>>| tromped around the office singing, "Every bit is sacred / Every bit
>>| is great / When a bit is wasted / Phil gets quite irate."
>....
>>| Consider this to be one of the prime things to correct. Personally,
>>| I think that numbers should never (well, hardly ever) be smaller
>>| than 32 bits.
>>(Jon Callas, 1997-08-08)
>Ah yes, a couple of years after Photuris. And wasn't Jon the _author_
>of the PGP variable length integer specification? Hoisted on his petard?
No, it was still Phil's old heavily-used petard,
worked over by various other people from PGP 3.0 and PGP Inc.
Jon was going for backwards compatibility in the OpenPGP specs.
He may have cleaned up the specs a bit,
and fixed some of the security holes from VL-integer exploits,
but unfortunately OpenPGP retained almost all the old ugliness.
I was always grumpy about the impossibility of doing stealth easily
in the native PGP formats and the fact that the OpenPGP code
fossilized it. For political reasons I'd have also liked
PGP to have had an optional very simple format so you could
fit it into one page of Perl or equivalent to go with the
RSA in 4 lines of Perl or lisp.
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com
More information about the cryptography
mailing list