security patches

David Shaw dshaw@jabberwocky.com
Mon Oct 8 15:28:01 2001


--dDRMvlgZJXvWKvBx
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable

On Mon, Oct 08, 2001 at 03:15:44PM +0200, Florian Weimer wrote:

> David Shaw <dshaw@jabberwocky.com> writes:
>=20
> > Obviously, the hashed area is a heck of a lot more useful in
> > practice...
>=20
> And there's a tendency for implementation errors because of the two
> areas which require rather different treatment.
True. The famous ADK bug was from this exact problem. It would be nice if the RFC had a note saying something like "Hey Buddy - if you want to rely on these subpackets being unchangeable, put them in the HASHED section!" :) David --=20 David Shaw | dshaw@jabberwocky.com | WWW http://www.jabberwocky.com/ +--------------------------------------------------------------------------= -+ "There are two major products that come out of Berkeley: LSD and UNIX. We don't believe this to be a coincidence." - Jeremy S. Anderson --dDRMvlgZJXvWKvBx Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.6 (GNU/Linux) Comment: For info see http://www.gnupg.org iQEVAwUBO8GpU4ccwqs8s7QVAQHLFwgArI3RnqJI9LsTIXRgieJXzN+cXyIoIjRa DwjmeFCu9lPc2IvafM5CoeW3uFfZEIblTcyJZyZu7mSA9rbrYmQbkcl3pXvaasib zdlC6F+A6+fGPa03Rmrdp0cMfdb94CGokIQ2R3rIA0xIO9ktEzwu0ptwojALmUNE 9ELWs7HL7R0m1uBYg8o9vPtGYNesNaoR8wCSwXGKFcg/7TMYOC9sqonkGnbFgQ1H q/rqd6XLFyLEzWtB3uA04dyBpb+4/NTyQvLHjU30XL2P77BoYke/tlSUfz9hZZzP g9Uj+sJMHwCyLhWpnqCbLsg1zmM5q3cjt1FqporN8SLJQIRmUogtag== =a4MW -----END PGP SIGNATURE----- --dDRMvlgZJXvWKvBx--