Re: [Full-Disclosure] Why is IRC still around?

From: stephane nasdrovisky (stephane.nasdrovisky_at_paradigmo.com)
Date: 11/20/04

  • Next message: Antonio Vargas: "Re: [Full-Disclosure] IE is just as safe as FireFox"
    To: full-disclosure@lists.netsys.com
    Date: Sat, 20 Nov 2004 16:45:51 +0100
    
    

    Micheal Espinola Jr wrote:

    >Is SMTP bad? Yes.
    >
    >Why? Because they are simple and basic protocol implementations
    >
    >
    Are or were ? smtp supports tls for example (I dropped irc because I
    have very little knowledge about it).

    >Not that they aren't efficient and easy, but
    >they certainly have their shortcomings in terms of security and AAA.
    >
    >
    smtp supports both plaintext (login/password) and tls/certificate
    authentications. Configuration is not a technology issue but a sysadmin
    issue.

    >We need to move forward with technology. Or would you rather be like
    >Microsoft - and attempt to be backward compatible for all-time - and
    >continue to use products that have fundamental flaws in them?
    >
    smtp is backward compatible with fossile like technology (sendmail comes
    to mind as it have a 'good' bugs record) but also 21th century
    technology aware (s/mime, tls).
    Much could be said against protocols such as rpc, ftp, telnet, iiop,
    http, ... but some/most of them are also supporting some somewhat new
    technology (encryption, authentication, ...) some of them do not add
    much value when used over the internet (rpc comes to mind) these are
    more lan protocols.
    Microsoft don't try to be backward compatible: w2k is not backward
    compatible with nt or dos, even xp sp2 is not backward compatible with
    xp sp1:-)

    _______________________________________________
    Full-Disclosure - We believe in it.
    Charter: http://lists.netsys.com/full-disclosure-charter.html


  • Next message: Antonio Vargas: "Re: [Full-Disclosure] IE is just as safe as FireFox"