Interesting People mailing list archives
Re: IP: More on Precautions Against SNMP Vulnerability
From: David Farber <dfarber () earthlink net>
Date: Sat, 16 Feb 2002 13:55:53 -0400
-----Original Message-----
From: Tom Van Vleck <thvv () multicians org>
Date: Sat, 16 Feb 2002 12:42:56
To: farber () cis upenn edu
Subject: Re: IP: More on Precautions Against SNMP Vulnerability

Karl Auerbach's comments on SNMP and ASN.1 BER rang a bell. Another protocol built on ASN.1 was the SET (Secure Electronic Transaction) protocol advocated by many parties including Visa and MasterCard in the mid 90s. I worked at CyberCash then on a pilot SET implementation and got to know the internals of the protocol.

Without getting into the whole sorry politics of SET, I can make a technical observation about the protocol. In addition to the difficulty of testing ASN.1 based protocols, there was the risk of monoculture: there were a few companies that provided ASN.1 toolkits that were used in multiple SET implementations. None of the toolkits we looked at had formal verification or assurance. The SET protocol itself was far from simple, and was designed without planning for formal verification, layered acceptance testing of participating elements, or protocol evolution.

SET has faded from view, which makes worries about its layering, adaptability, and assurance moot. I hope the next attempt at such a protocol is done with extreme rigor, and is not rushed into use.

For archives see: http://www.interesting-people.org/archives/interesting-people/