W3C home > Mailing lists > Public > public-xg-webid@w3.org > December 2011

The Science of Insecurity

From: Henry Story <henry.story@bblfish.net>
Date: Thu, 29 Dec 2011 16:00:12 +0100
Message-Id: <875ADFEA-42EE-4236-B029-2B9EC507E433@bblfish.net>
To: WebID XG <public-xg-webid@w3.org>
Here is a very interesting talk given at the 28c3 in Berlin today on how to analyse protocols for insecurity, using language complexity and the turing halting problem as a basic measure to delimit what cannot be resolved.


So it would be an interesting work to look at the components we are using to see how these fit into this.

So we could look at the serialisations we are using
  - RDF/XML 
  - Turtle
  - NTriples (ok, this one is clearly parseable with regexps)
  - RDFa

Then to look at the underlying protocols:

  - TLS and X509
  - HTTP

From what I understand it looks like there are a couple of issues with X509 ASN.1 encodings I think due to the way numbers are encoded there. And HTTP has the Content-Length field. 

Social Web Architect
Received on Thursday, 29 December 2011 15:00:46 UTC

This archive was generated by hypermail 2.3.1 : Tuesday, 6 January 2015 21:06:28 UTC