[VOIPSEC] [SearchSecurity.com] Better VoIP training needed, SANS director says

Geoff Devine gdevine at cedarpointcom.com
Tue Dec 12 13:51:44 GMT 2006


Jon Callas <jon at pgpeng.com>

> On 11 Dec 2006, at 6:16 AM, Geoff Devine wrote:
>
>> H.323 is complex but that has nothing to do with ASN.1 encoding.   
>> In my opinion, Type-Length-Value encodings are a necessary part of  
>> creating a secure computing environment.  With TLVs, you can easily  
>> check each object for valid contents that won't damage the network  
>> in a computer-friendly way that is testable for completeness.
>
>Gosh, I feel like someone has dangled a red flag in front of my  
>particular sort of bullishness.

I must be improving. ;)

>Saying that ASN.1 isn't a problem because it's just a TLV encoding  
>(as you appear to) is somewhat like saying that software isn't a  
>problem because it's just a series of 1s and 0s, and that's only two  
>things to keep track of, so how hard can that be?
>

That wasn't the meaning I intended.  I was commenting that
machine-friendly TLV-based protocols allow you to create a more
deterministic, testable, and robust protocol than text-based protocols.
I tried to tie this in to security since the problem with complex and
unbounded protocols is that they make it more likely that malformed
messages and message sequences can crash network elements.

The key to any good design is simplicity.  You can create bloated
over-complex protocols using any encoding method.  I wasn't saying that
H.323 is good because it's TLV-based.  I was saying that TLVs are not a
reason why H.323 is bad.

From Amadeus:
"My dear young man, don't take it too hard. Your work is ingenious. It's
quality work. And there are simply too many notes, that's all."

Geoff
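A minimal illustration of the per-object checking described above, added here as an example and not code from the thread or from any H.323 implementation: a small TLV validator in C that refuses any element whose declared length overruns the message and checks each object's contents against a fixed, bounded rule. The element types, their rules and the sample messages are invented for the demo.

```c
#include <stdint.h>
#include <stddef.h>
#include <stdbool.h>
#include <stdio.h>

/* Hypothetical element types for this demo; not H.323 or any real protocol's identifiers. */
enum { TLV_CALL_ID = 0x01, TLV_ALIAS = 0x02 };

typedef struct { uint8_t type; uint8_t len; const uint8_t *val; } tlv_t;

/* Read one Type(1)-Length(1)-Value element at buf[*pos]. Fails if the header or
   the declared length would run past the end of the buffer. */
static bool tlv_next(const uint8_t *buf, size_t buflen, size_t *pos, tlv_t *out) {
    if (buflen - *pos < 2) return false;                  /* no room for T and L */
    out->type = buf[*pos]; out->len = buf[*pos + 1];
    if (buflen - *pos - 2 < out->len) return false;       /* value overruns buffer */
    out->val = buf + *pos + 2;
    *pos += 2 + (size_t)out->len;
    return true;
}

/* Check one object's contents in isolation; every type has a fixed, bounded rule. */
static bool tlv_valid(const tlv_t *e) {
    switch (e->type) {
    case TLV_CALL_ID: return e->len == 4;                 /* fixed-size field */
    case TLV_ALIAS:                                       /* 1..32 printable ASCII bytes */
        if (e->len == 0 || e->len > 32) return false;
        for (size_t i = 0; i < e->len; i++)
            if (e->val[i] < 0x20 || e->val[i] > 0x7e) return false;
        return true;
    default: return false;                                /* unknown type: reject, don't guess */
    }
}

/* Validate a whole message. Returns the element count, or -1 at the first defect. */
int tlv_validate(const uint8_t *buf, size_t buflen) {
    size_t pos = 0; int n = 0;
    while (pos < buflen) {
        tlv_t e;
        if (!tlv_next(buf, buflen, &pos, &e) || !tlv_valid(&e)) return -1;
        n++;
    }
    return n;
}

/* Constructed sample messages: a well-formed one, and one whose length field lies. */
const uint8_t GOOD_MSG[] = {0x01,0x04,0xde,0xad,0xbe,0xef, 0x02,0x03,'a','b','c'};
const uint8_t BAD_MSG[]  = {0x02,0x10,'a','b'};          /* claims 16 bytes, only 2 present */
int main(void) { printf("good=%d bad=%d\n", tlv_validate(GOOD_MSG, sizeof GOOD_MSG), tlv_validate(BAD_MSG, sizeof BAD_MSG)); return 0; }
```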
