[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Message-ID: <m1A397M-000B1eC@proven.weird.com>
Date: Sat, 27 Sep 2003 03:03:48 -0400 (EDT)
From: "Greg A. Woods" <woods@...rd.com>
To: "Steven M. Christey" <coley@...re.org>
Cc: bugtraq@...urityFocus.com (BUGTRAQ: Full Disclosure Security Mailing List)
Subject: Re: base64
[ On Friday, September 26, 2003 at 16:56:54 (-0400), Steven M. Christey wrote: ]
> Subject: Re: base64
>
> > "Be liberal in what you accept, and conservative in what you send."
> > -- jon
> > RFC-1122 (originates in RFC760)
>
> Funny you bring up that quote, as I've been thinking about it for a
> while now too.
>
> I think that's wisdom for a different time, at least security-wise.
I don't think the so-called "Robustness Principle" was ever intended to
trump anything to do with security.
A I understand it the Robustness Principle is meant to guide the design
and implementation of communications protocols in an effort to promote
interoperability between otherwise correct and complete implementations,
and _nothing_ more.
The principle was most certainly not intended to guide the policies
which sites using any given protocol implementation might impose on top
of it.
The Robustness Principle was certainly not meant to allow for the kind
of "speling correction" mechanisms which are causing problems with MIME,
HTML, and similar. Many people have made this mistake over the years,
and some seem to continue to make this mistake, but it is none the less
a mistake to interpret the Robustness Principle in such a way,
especially when the result may create new risks.
One must still be very careful to never trust unvalidated and
un-authenticated data received from any public network connection.
--
Greg A. Woods
+1 416 218-0098 VE3TCP RoboHack <woods@...ohack.ca>
Planix, Inc. <woods@...nix.com> Secrets of the Weird <woods@...rd.com>
Powered by blists - more mailing lists