| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <419F66AF.8040602@paradigmo.com> From: stephane.nasdrovisky at paradigmo.com (stephane nasdrovisky) Subject: Why is IRC still around? Micheal Espinola Jr wrote: >Is SMTP bad? Yes. > >Why? Because they are simple and basic protocol implementations > > Are or were ? smtp supports tls for example (I dropped irc because I have very little knowledge about it). >Not that they aren't efficient and easy, but >they certainly have their shortcomings in terms of security and AAA. > > smtp supports both plaintext (login/password) and tls/certificate authentications. Configuration is not a technology issue but a sysadmin issue. >We need to move forward with technology. Or would you rather be like >Microsoft - and attempt to be backward compatible for all-time - and >continue to use products that have fundamental flaws in them? > smtp is backward compatible with fossile like technology (sendmail comes to mind as it have a 'good' bugs record) but also 21th century technology aware (s/mime, tls). Much could be said against protocols such as rpc, ftp, telnet, iiop, http, ... but some/most of them are also supporting some somewhat new technology (encryption, authentication, ...) some of them do not add much value when used over the internet (rpc comes to mind) these are more lan protocols. Microsoft don't try to be backward compatible: w2k is not backward compatible with nt or dos, even xp sp2 is not backward compatible with xp sp1:-)
Powered by blists - more mailing lists