[Cryptography] GnuTLS -- time to look at the diff.
John Kelsey
crypto.jmk at gmail.com
Tue Mar 11 07:59:43 EDT 2014
It seems like a more useful thing for the standards writers to do would be to produce a pretty comprehensive set of test cases (mostly things that should be rejected), and maybe offer a bounty on stuff that the protocol says should be rejected, but for which there is no test case exercising that bit of the code.
A nicer coding style or a more modern language won't do nearly so much to prevent problems as that will.
--John
More information about the cryptography
mailing list