[Cryptography] TLS2
James A. Donald
jamesd at echeque.com
Wed Oct 2 02:13:00 EDT 2013
On 2013-10-02 13:18, Tony Arcieri wrote:
> LANGSEC calls this: full recognition before processing
>
> http://www.cs.dartmouth.edu/~sergey/langsec/occupy/
> <http://www.cs.dartmouth.edu/%7Esergey/langsec/occupy/>
I disagree slightly with langsec.
At compile time you want an extremely powerful language for describing
data, that can describe any possible data structure.
At run time, you want the least possible power, such that your
recognizer can only recognize the specified and expected data structure.
Thus BER and DER are bad for the reasons given by Langsec, indeed they
illustrate the evils that langsec condemns, but these criticisms do not
normally apply to PER, since for PER, the dangerously great power exists
only at compile time, and you would have to work pretty hard to retain
any substantial part of that dangerously great power at run time.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.metzdowd.com/pipermail/cryptography/attachments/20131002/e768bf24/attachment.html>
More information about the cryptography
mailing list