Re: Misconceptions about the GSS-API

In message <CAK3OfOhrjOTa5miWJdDd4_gEHHCD4rODwjwtEQz248yfqfjueg@mail.gmail.com>
, Nico Williams writes:

>3) The GSS-API is a very large API, yes, but typical applications use
>only a very small subset of the available GSS functions.

Just out of curiosity:

Does that really sound like good security engineering for a
narrow-scope protocol like HTTP/2 to you ?

It certainly sounds wrong to me.

It almost certainly IS wrong, if the goal is to get as many mediocre
programmers as possible to implement protection correctly.

One of the main reasons Varnish does not support HTTPS is the the
quality of the APIs available, and the elephantine amounts of
needless generality behind them.

I know crypto is never simple, but arguing that it comes with a lot
of complexity that most users don't need, is not a winning argument
in my book.

Crypto for HTTP/2.0 should be specified in a way which is very hard
to do wrong, not very hard to do right.

-- 
Poul-Henning Kamp       | UNIX since Zilog Zeus 3.20
phk@FreeBSD.ORG         | TCP/IP since RFC 956
FreeBSD committer       | BSD since 4.3-tahoe    
Never attribute to malice what can adequately be explained by incompetence.

Received on Friday, 13 July 2012 20:38:13 UTC