-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Um, NTLM isn't the only 20 or so year old protocol to take the rap recently, I can think of a low numbered rfc, lets say 1034 and 1035. Hindsight is 20/20, and 20 years ago, who would have thought that a 16 bit number was way too small for DNS transaction id, the same "who would have though" goes for NTLM and the rest. Lets face it, protocol design bugs suck, and to completely replace a widely used protocol ranks pretty high in the PiTA hall of fame...
In that particular case Dan Bernstein not only *did* think about it but actually did something about it. It's just that no one else was listening.
Paul Schmehl, If it isn't already obvious, my opinions are my own and not those of my employer. ****************************************** WARNING: Check the headers before replying
Attachment:
p7sMkneY9kkJw.p7s
Description: S/MIME cryptographic signature
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/