On Fri, Mar 07, 2014 at 12:55:37AM +0000, Simon Waters wrote:
> Not sure it is simply a coincidence. The task is complex, they both
> implement in the same language, which lacks key features for exception
> handling, so the exceptions are all handled by goto (or something
> logically equivalent, return code with lots of extra "if" blocks and we
> all know how good humans are at that logic stuff).
>
> There are also reasons these bits of code are being checked at this time.

That's all true, and in that sense it isn't a coincidence. But they are different bugs that can't be traced to the same source code.

> The gnutls code sample given doesn't appear to be a goto bug if the code
> diff is to be believed, it is simply a problem setting return codes.

Ironically, the GnuTLS bug was fixed by adding a few "goto fail" lines (and removing some other stuff).

> Thus the "natural" errors people see are "not trusted"/"broken chain",
> "expired", "wrong name" (really how many of your TLS errors fall outside
> this, I've been doing a lot of this lately and I see some new warnings
> for the first time, but they mostly boil down to these cases). How many
> times have you seen a revoked certificate warning in the wild for
> example? (Okay maybe Martijn will have seen more than most given his job).

Actually, I haven't. Revoked certificates being used are pretty rare: if your certificate has been revoked, the only sensible thing to do is to stop your servers from using it.

In general, when you see a certificate error in the wild, it's far more likely that it's a harmless error somewhere (such as a certificate that isn't valid for the particular subdomains or, as happened to my wife once, an issue with the computer's internal clock which makes certificates appear to be issued for a future date).

I do see a fair amount of certificate errors, usually because I am accessing the web interface of a product I am testing on an internal network. I am not sure if I would realise if I wasn't shown an error when I should have, but I would think it only takes one person for this to happen to who would notice and then try to dig a little deeper and conclude that certificates weren't verified at all.

> I suspect we need simpler crypto standards.

+1

> Bigger than the Apple bug - I'm skeptical.

Comparing the impact of one bug with another is mostly comparing apples with oranges anyway. For me, the Apple bug has no impact at all - apart from allowing me to make fun of it on Twitter - as I don't run any Apple devices.

I would think the Apple bug to have a bigger impact, but then, I don't think any critical embedded device runs iOS or OS X, while some no doubt will depend on GnuTLS. In that sense the impact of the latter bug is bigger.

Martijn.

--
The Mailing List for the Devon & Cornwall LUG
http://mailman.dclug.org.uk/listinfo/list
FAQ: http://www.dcglug.org.uk/listfaq