Barb Fox wrote: > > But Dan's comment about forward compatibilty in SSL has nothing to do > with passwords per se. Fact: there is no generic extensibility > mechanism in SSL3 - and that's something we need to acknowledge and > fix as soon as we can. The goal of this working group, after all, > should be to create an architecturally-sound, extensible standard. I > admit that this will cause us all some pain as we find ourselves > having to change our fielded implementations to prepare for future > advances in the protocol. But if we bite the bullet and design the > protocol correctly now, it shouldn't be such a big deal as we go > incrementally forward. The lack of a general extension mechanism in SSL v3 is a feature, not a bug. This is a security protocol, and so susceptibility to analysis is a good thing. Simplicity and rigidity are features here. SSL does provide for forwards compatibility by allowing version negotiation and protection from version rollback attacks. -- You should only break rules of style if you can | Tom Weinstein coherently explain what you gain by so doing. | tomw@netscape.comReceived on Thursday, 10 October 1996 13:29:13 UTC
This archive was generated by hypermail 2.4.0 : Friday, 17 January 2020 17:17:12 UTC