Whenever I complain about ASN.1 there's this sort of "ASN.1 is fine" backlash and then I see shit like this: http://trac.tools.ietf.org/wg/trans/trac/ticket/14 …
-
-
Replying to @bascule
Yo dawg, I heard you like ASN.1pic.twitter.com/HZnSk07Er4
2 replies 27 retweets 29 likes -
-
Replying to @kebesays
@kebesays@bascule@AlecMuffett Playing with JSON is begging yourself for DOS or security fail. Case in point: JOSE and the crazy schemas2 replies 0 retweets 0 likes -
Replying to @sleevi_
@sleevi_@kebesays@AlecMuffett and the corresponding analogue for ASN.1 is RCE?1 reply 0 retweets 1 like -
Replying to @bascule
@bascule@kebesays@AlecMuffett With DER parsing, a little fuzzing and ASAN goes a long way. With JSON, it's logic bugs all the way down.2 replies 0 retweets 0 likes -
Replying to @sleevi_
@sleevi_@kebesays@AlecMuffett we've been systematically replacing CMS with JWE/JWS throughout our infrastructure and it feels great2 replies 0 retweets 0 likes -
Replying to @bascule
@bascule@kebesays@AlecMuffett Well, yes, throwing CMS out makes everything better. Not because ASN.1, but because OH MY GOD CMS IT BURNS!!2 replies 0 retweets 0 likes
@sleevi_ @kebesays @AlecMuffett did I mention the main thing I work on is LDAP? And I'm actually considering writing an LDAP server o_O
-
-
Replying to @bascule
@bascule@kebesays@AlecMuffett My heart goes out for you. BER is awful. Awful awful0 replies 0 retweets 0 likesThanks. Twitter will use this to make your timeline better. UndoUndo
-
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.