| ▲ | mootptr 19 hours ago |
| Parser differential exploits are a understated problem, especially with ASN.1, which I didn't expect to see anyone thinking about. Kudos on this initiative! |
|
| ▲ | kccqzy 17 hours ago | parent [-] |
| I understand that it is a problem but I'm more used to seeing arguments that monocultures and single implementations are bad: WebSQL for example didn't become a standard because there was only a single implementation. |
| |
| ▲ | cryptonector 15 hours ago | parent [-] | | Where is the monoculture here? | | |
| ▲ | kccqzy 5 hours ago | parent [-] | | If there were only one implementation for ASN.1 people would decry that whatever that implementation does effectively becomes the standard, and people would be clamoring to write a second implementation. | | |
| ▲ | cryptonector 2 hours ago | parent [-] | | Ok, but there are many implementations. And the ASN.1 specs are really clear and readable (once you have a mental model of them). |
|
|
|
