[Cryptography] GnuTLS -- time to look at the diff.
nico at cryptonector.com
Tue Mar 11 17:01:45 EDT 2014
On Tue, Mar 11, 2014 at 6:59 AM, John Kelsey <crypto.jmk at gmail.com> wrote:
> It seems like a more useful thing for the standards writers to do would be to produce a pretty comprehensive set of test cases (mostly things that should be rejected), and maybe offer a bounty on stuff that the protocol says should be rejected, but for which there is no test case exercising that bit of the code.
Er, yes, agreed, but the standards generally say these things, just
not in a way that can be easily extracted for the purpose of building
a wasp nest / test suite.
Perhaps we need to consider a more formal standards-writing language,
but there's a lot of resistance to that (see the recent discussions
about JSON schema languages in the IETF JSON WG). A more realistic
alternative might be to produce an Informational follow-on to any
standard like TLS that has a description of all the test cases related
to violations of requirements in the standard.
> A nicer coding style or a more modern language won't do nearly so much to prevent problems as that will.
Agreed. Code needs to be readable. I don't see how the Apple goto
failure style hurts readability. The accident happened (or could
have) for reasons unrelated to style.
More information about the cryptography