[Cryptography] GnuTLS -- time to look at the diff.

[Tony Arcieri]

On Thu, Mar 6, 2014 at 3:46 PM, Salz, Rich <rsalz at akamai.com> wrote:

> > Buffer overruns are a very clear example. We could use languages, PL/I
> is one of the early ones, where buffer overruns are not possible, but we
> don't.
>
> I don't know about you, but I would rather have an SSL/TLS library that I
> can call from my C, and other, code that has some bugs. Then have a bugfree
> implementation written in some language that I cannot use.


This is not only some of the worst security advice I've ever heard, but a
painful false dichotomy.

There are memory safe languages that interoperate just fine with C, like
Rust, which would eliminate the entire class of errors we've seen behind
the recent TLS stack breakage. Beyond Rust's memory safety, it does things
like mandate braces around if statements (which would've prevented "goto
fail"), and has proper boolean types natively as well as an Option type
which would eliminate the sort of confusion around return values which lead
to the GnuTLS (a bad pattern seen in OpenSSL as
well<https://www.openssl.org/docs/ssl/SSL_shutdown.html>
).

Last but not least, Rust knows how to automatically deallocate memory and
call destructors, so it doesn't have or need a goto statement for this sort
of stuff.

TLS is worthless unless we have the closest thing to a bug-free library
possible. C is not getting us there.

-- 
Tony Arcieri
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.metzdowd.com/pipermail/cryptography/attachments/20140307/f3cdaf3a/attachment.html>