On Monday 11 January 2016 17:28:33 Bill Frantz wrote:
> On 1/11/16 at 4:32 PM, watsonbl...@gmail.com (Watson Ladd) wrote:
> >Do the RFCs require the relevant checks or not? And given that
> >implementations frequently get these sorts of things wrong, how do we
> >make the standard robust against it?
>
> The best way I can think of is to test to see if the checks are
> being done. For example, if an implementation is supposed to
> check if a number is prime, send a non-prime and see if it takes
> the correct action.
>
> Publicly available test suites would be a good step toward
> implementing this strategy.

shameful plug:
https://github.com/tomato42/tlsfuzzer
and the underlying
https://github.com/tomato42/tlslite-ng

--
Regards,
Hubert Kario
Senior Quality Engineer, QE BaseOS Security team
Web: www.cz.redhat.com
Red Hat Czech s.r.o., Purkyňova 99/71, 612 45, Brno, Czech Republic
_______________________________________________
TLS mailing list
TLS@ietf.org
https://www.ietf.org/mailman/listinfo/tls
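The negative-testing strategy described in the quoted message (hand the implementation a non-prime and see whether it takes the correct action), as an added example that is not part of the original thread and does not use the tlsfuzzer or tlslite-ng APIs. The two checker functions, the harness and the sample values are hypothetical and constructed for illustration; the Carmichael numbers are included because they pass a Fermat-only check on coprime bases.

```python
# Negative-test harness for a primality check (added example, hypothetical names).
BASES = (2, 3, 5, 7, 11, 13, 17, 19, 23, 29, 31, 37)

def fermat_only_check(n, bases=(2, 3, 5, 7)):
    """Weak check under test: Fermat test on a few fixed bases."""
    if n < 2:
        return False
    if n in bases:
        return True
    return all(pow(a, n - 1, n) == 1 for a in bases)

def strong_check(n):
    """Miller-Rabin on fixed bases; deterministic for n below about 3.3e24."""
    if n < 2:
        return False
    for p in BASES:
        if n % p == 0:
            return n == p
    d, s = n - 1, 0
    while d % 2 == 0:
        d, s = d // 2, s + 1
    for a in BASES:
        x = pow(a, d, n)
        if x in (1, n - 1):
            continue
        for _ in range(s - 1):
            x = pow(x, 2, n)
            if x == n - 1:
                break
        else:
            return False  # a is a witness that n is composite
    return True

# Constructed test vectors: (value, should the check accept it as prime?)
CASES = [
    (65537, True),              # prime
    (2**61 - 1, True),          # Mersenne prime
    (1, False),                 # not prime by definition
    (65537 * 65539, False),     # ordinary composite
    (29341, False),             # Carmichael number 13 * 37 * 61
    (294409, False),            # Carmichael number 37 * 73 * 109
]

def run_negative_tests(check):
    """Return (value, expected, got) for every case the check gets wrong."""
    return [(n, want, check(n)) for n, want in CASES if check(n) != want]

if __name__ == "__main__":
    for name, fn in (("fermat_only", fermat_only_check), ("strong", strong_check)):
        print(name, "failures:", run_negative_tests(fn))
```
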