XML Editor - Download a Free Trial >
See What's New >
Buy Now >

[XML-DEV Mailing List Archive Home] [By Thread] [By Date] [Recent Entries] [Reply To This Message]

RE: Fwd: [e-lang] Protocol implementation errors

common asn.1 ber errors
Play the video
It may also be a period issue.  As has been 
noted by some in the Managing Innovation thread 
here and in articles published recently on 
security, sloppy code is a common problem 
in all systems with regards to security, 
and that this emphasis on security is a 
recent phenomenon with regards to widespread 
awareness.  XML is a reworking of SGML on 
the Web and the Web itself is the primary 
source of the massive outbreak of security 
problems in recent years.  Its culture and 
its ubiquity have contributed.  Now that same 
culture must use that ubiquity to raise 
awareness of the problems and the solutions, 
and the members of it must learn to collaborate 
to innovate new solutions.  XML has the advantage 
over ASN.1 that its tools were created as that 
awareness was emerging because the environment 
to which it is targeted nurtured the problem.

The first step will be to learn to dampen 
Spy Vs Spy arguments with regards to who 
has the safest system in situations where 
it is the coding culture that is at issue.

len

-----Original Message-----
From: Tim Bray [mailto:tbray@t...]

Alessandro Triglia wrote:

> Decoding ASN.1 BER/DER is not particularly difficult.  The procedure is
> specified in pages 10-37 of X.690 (*), which has been around for two
> decades.  If there are buggy implementations out there, they are not due
to
> the alleged complexity of ASN.1, but to careless programming and
superficial
> testing.

Empirically, though, when I have been faced with actual BER data, 
*ER-reading tools have been hard to find and of generally lousy quality. 
  This is not the case with XML tools.  Assuming you are correct about 
the difficulty, I assume this is a result of cultural and market rather 
than technical issues. -Tim

PURCHASE STYLUS STUDIO ONLINE TODAY!

Purchasing Stylus Studio from our online shop is Easy, Secure and Value Priced!

Buy Stylus Studio Now

Download The World's Best XML IDE!

Accelerate XML development with our award-winning XML IDE - Download a free trial today!

Don't miss another message! Subscribe to this list today.
Email
First Name
Last Name
Company
Subscribe in XML format
RSS 2.0
Atom 0.3
 

Stylus Studio has published XML-DEV in RSS and ATOM formats, enabling users to easily subcribe to the list from their preferred news reader application.


Stylus Studio Sponsored Links are added links designed to provide related and additional information to the visitors of this website. they were not included by the author in the initial post. To view the content without the Sponsor Links please click here.

XML Editor - Download a 15 Day Free Trial Now >
See What's New in Stylus Studio >
Buy Stylus Studio - XML Editor - Now >
Site Map | Privacy Policy | Terms of Use | Trademarks
Free Stylus Studio XML Training:
W3C Member
Stylus Studio® and DataDirect XQuery ™are products from DataDirect Technologies, is a registered trademark of Progress Software Corporation, in the U.S. and other countries. © 2004-2013 All Rights Reserved.