1995-08-31 - Re: Is the book Network Security any good?

Header Data

From: Rich Salz <rsalz@osf.org>
To: owner-cypherpunks@toad.com
Message Hash: d703f9a32f7623cd3f09ceb1613a1f9b7fdf20e06e3d8b47e9427e11a269afc2
Message ID: <9508310333.AA12779@sulphur.osf.org>
Reply To: N/A
UTC Datetime: 1995-08-31 03:33:58 UTC
Raw Date: Wed, 30 Aug 95 20:33:58 PDT

Raw message

From: Rich Salz <rsalz@osf.org>
Date: Wed, 30 Aug 95 20:33:58 PDT
To: owner-cypherpunks@toad.com
Subject: Re: Is the book Network Security any good?
Message-ID: <9508310333.AA12779@sulphur.osf.org>
MIME-Version: 1.0
Content-Type: text/plain


>It does have some very irritating assertions concerning ASN.1 however, 
>specifically concerning its use in Kerberos. I consider Kerberos's use of ASN.1 
>to be far superior than the alternative suggested which is pure lossage. 

What was the alternative suggestion? Many KRB5 folks, including Ted T'so,
have said that using ASN.1 is the biggest mistake in the KRB5 protocol.

>Lambasting the use of ASN.1 is fair game but arguments over wasted bytes miss the 
>point of ASN.1 and the BER encoding entirely.

Hunh?  The points of ASN.1 and BER (DER? -- a little mavros joke :) 
*are* irrelevent to Kerberos.  Wasted bytes in your security protocol
should most definitely be a concern.

Charlie and Radia are hot-shits; I don't know the other guy.
	/r$





Thread