User interface, security, and "simplicity"

Peter Gutmann pgut001 at
Wed May 7 01:01:35 EDT 2008

"James A. Donald" <jamesd at> writes:

>In any program subject to attack, all strings should have known, documented,
>and enforced maximum length, a length large enough for all likely legitimate
>uses, and no larger.

Precisely.  An example of where dynamic strings can lead you is what happens
to old (very old) versions of Netscape when you feed them a cert with, say, an
MPEG of a cat in the X.500 DN.  Netscape happily accepts the cert but you then
have to reinstall the browser because while it'll quite readily accept
ridiculously long values it doesn't actually cope with them very well.  A
security component that's trivially taken out by a DoS isn't a security
component, it's a vulnerability.


The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at

More information about the cryptography mailing list