On 1/11/16 at 4:32 PM, watsonbl...@gmail.com (Watson Ladd) wrote:
Do the RFCs require the relevant checks or not? And given that
implementations frequently get these sorts of things wrong, how do we
make the standard robust against it?
The best way I can think of is to test to see if the checks are
being done. For example, if a implementation is supposed to
check if a number is prime, send a non-prime and see if it takes
the correct action.
Publicly available test suites would be a good step toward
implementing this strategy. I will note that as the Javascript
standards people were developing the ES2015 standard, they
maintained a test suite which following the evolving standard.
Cheers - Bill
-----------------------------------------------------------------------
Bill Frantz | Truth and love must prevail | Periwinkle
(408)356-8506 | over lies and hate. | 16345
Englewood Ave
www.pwpconsult.com | - Vaclav Havel | Los Gatos,
CA 95032
_______________________________________________
TLS mailing list
TLS@ietf.org
https://www.ietf.org/mailman/listinfo/tls
