Re: [Full-Disclosure] Why is IRC still around?
From: stephane nasdrovisky (stephane.nasdrovisky_at_paradigmo.com)
To: firstname.lastname@example.org Date: Sat, 20 Nov 2004 16:45:51 +0100
Micheal Espinola Jr wrote:
>Is SMTP bad? Yes.
>Why? Because they are simple and basic protocol implementations
Are or were ? smtp supports tls for example (I dropped irc because I
have very little knowledge about it).
>Not that they aren't efficient and easy, but
>they certainly have their shortcomings in terms of security and AAA.
smtp supports both plaintext (login/password) and tls/certificate
authentications. Configuration is not a technology issue but a sysadmin
>We need to move forward with technology. Or would you rather be like
>Microsoft - and attempt to be backward compatible for all-time - and
>continue to use products that have fundamental flaws in them?
smtp is backward compatible with fossile like technology (sendmail comes
to mind as it have a 'good' bugs record) but also 21th century
technology aware (s/mime, tls).
Much could be said against protocols such as rpc, ftp, telnet, iiop,
http, ... but some/most of them are also supporting some somewhat new
technology (encryption, authentication, ...) some of them do not add
much value when used over the internet (rpc comes to mind) these are
more lan protocols.
Microsoft don't try to be backward compatible: w2k is not backward
compatible with nt or dos, even xp sp2 is not backward compatible with
Full-Disclosure - We believe in it.