On Wed, 12 Mar 2003 08:54:58 PST, "Hallam-Baker, Phillip" <pbaker@verisign.com> said: > Please support that accusation with facts. > Netscape, Microsoft and Lotus have interoperated for at least five > years. If you have evidence of incompatibility then please state > the errors so they can get fixed. <RANT> And *HOW* many years did Microsoft products *interoperate* before somebody pointed out the completely b0rked implementation of basic constraints? How many years did a lot of SNMP products *interoperate* before major holes in the ASN.1 parser were revealed? </RANT> Software that interoperates with things that play nice isn't secure, it's only interoperable. For security, you need the *additional* constraint that it refuse to talk to things that are trying to lead it astray. -- Valdis Kletnieks Computer Systems Senior Engineer Virginia Tech
Attachment:
pgp00019.pgp
Description: PGP signature