Re: BridgeWorks

Liste des GroupesRevenir à co vms 
Sujet : Re: BridgeWorks
De : davef (at) *nospam* tsoft-inc.com (Dave Froble)
Groupes : comp.os.vms
Date : 23. Jul 2024, 20:16:20
Autres entêtes
Organisation : A noiseless patient Spider
Message-ID : <v7ovi5$1b5dr$1@dont-email.me>
References : 1 2 3 4 5 6 7 8
User-Agent : Mozilla/5.0 (Windows NT 5.1; rv:45.0) Gecko/20100101 Thunderbird/45.8.0
On 7/22/2024 2:31 PM, Arne Vajhøj wrote:
On 7/22/2024 1:39 PM, Dave Froble wrote:
I would not consider SSL, TLS, MD5, Sha-1, and such applications.  They are
more environment protection, the way I see it.  And you are correct, some no
longer protect the environment for the real apps.
>
Please explain to me how an application, for example an inventory application
that tracks on hand product, would ever be involved in security?  It is the
environment that must provide the security, and the apps the actual work.
Things get a bit grey when an application communicates outside the
environment, but even then, it is the available security that is used, not the
apps.
>
So, your comments are not relevant to whether or not the apps written in say
VB6 need support, at least from a security perspective.
>
I don't think it is good description of such stuff to call it
environment that are independent of applications.
>
Sometimes application code directly specify algorithms.
>
This one line of VB.NET code:
So now the discussion ignores the previous discussion, in this case VB6?  As far as I know VB6 does not have what you mention below?

Test("SHA-2 256 bit (managed)", New SHA256Managed())
>
use SHA-256. An no environment change will make it use a different
algorithm (unless one did some really dirty hacking of the
.NET libraries).
>
Sometimes newer libraries are not available.
In my limited experience, encryption and such are separate code/libraries.  So linking them into an existing app would still provide protection.
But we all know Dave doesn't get out much, so perhaps not.

Let us say that one has some code that use HTTPS. And
that programming language has a library that supports
TLS 1.3. Then in 5 years a vulnerability in TLS 1.3 is
found and TLS 1.4 is created. If a new version of the library
supporting TLS 1.4 becomes available then all fine - update the
library and the application is fine. But if not then the
application has a problem, because the available library is
not getting updated.
How does that differ from some "supported" implementation languages?  Doesn't matter if TLS 1.4 doesn't exist now, does it?
--
David Froble                       Tel: 724-529-0450
Dave Froble Enterprises, Inc.      E-Mail: davef@tsoft-inc.com
DFE Ultralights, Inc.
170 Grimplin Road
Vanderbilt, PA  15486

Date Sujet#  Auteur
19 Jul 24 * BridgeWorks88Arne Vajhøj
19 Jul 24 `* Re: BridgeWorks87Craig A. Berry
20 Jul 24  `* Re: BridgeWorks86Arne Vajhøj
21 Jul 24   +* Re: BridgeWorks80Lawrence D'Oliveiro
21 Jul 24   i+* Re: BridgeWorks4Arne Vajhøj
21 Jul 24   ii+- Re: BridgeWorks1Scott Dorsey
21 Jul 24   ii`* Re: BridgeWorks2Lawrence D'Oliveiro
22 Jul 24   ii `- Re: BridgeWorks1Scott Dorsey
21 Jul 24   i+* Re: BridgeWorks74Dave Froble
21 Jul 24   ii+* Re: BridgeWorks34Scott Dorsey
22 Jul 24   iii`* Re: BridgeWorks33Dave Froble
22 Jul 24   iii `* Re: BridgeWorks32Simon Clubley
22 Jul 24   iii  +* Re: BridgeWorks30Scott Dorsey
22 Jul 24   iii  i`* Re: BridgeWorks29David Wade
23 Jul 24   iii  i +* Re: BridgeWorks2Lawrence D'Oliveiro
23 Jul 24   iii  i i`- Re: BridgeWorks1Lawrence D'Oliveiro
23 Jul 24   iii  i `* Re: BridgeWorks26Grant Taylor
23 Jul 24   iii  i  +* Re: BridgeWorks6Grant Taylor
23 Jul 24   iii  i  i`* Re: BridgeWorks5Simon Clubley
23 Jul 24   iii  i  i `* Re: BridgeWorks4David Wade
24 Jul 24   iii  i  i  `* Re: BridgeWorks3Arne Vajhøj
24 Jul 24   iii  i  i   `* Re: BridgeWorks2Simon Clubley
24 Jul 24   iii  i  i    `- Re: BridgeWorks1Arne Vajhøj
23 Jul 24   iii  i  `* Re: BridgeWorks19Lawrence D'Oliveiro
23 Jul 24   iii  i   +* Re: BridgeWorks9Arne Vajhøj
23 Jul 24   iii  i   i+* Re: BridgeWorks5Lawrence D'Oliveiro
24 Jul 24   iii  i   ii`* Re: BridgeWorks4Arne Vajhøj
24 Jul 24   iii  i   ii `* Re: BridgeWorks3Lawrence D'Oliveiro
24 Jul 24   iii  i   ii  `* Re: BridgeWorks2Arne Vajhøj
24 Jul 24   iii  i   ii   `- Re: BridgeWorks1Lawrence D'Oliveiro
23 Jul 24   iii  i   i`* Re: BridgeWorks3Michael S
24 Jul 24   iii  i   i +- Re: BridgeWorks1Arne Vajhøj
24 Jul 24   iii  i   i `- Re: BridgeWorks1Lawrence D'Oliveiro
23 Jul 24   iii  i   +* Re: BridgeWorks6Grant Taylor
23 Jul 24   iii  i   i`* Re: BridgeWorks5Lawrence D'Oliveiro
23 Jul 24   iii  i   i `* Re: BridgeWorks4Grant Taylor
23 Jul 24   iii  i   i  `* Re: BridgeWorks3Lawrence D'Oliveiro
23 Jul 24   iii  i   i   `* Re: BridgeWorks2David Wade
23 Jul 24   iii  i   i    `- Re: BridgeWorks1Lawrence D'Oliveiro
23 Jul 24   iii  i   `* Re: BridgeWorks3John Dallman
24 Jul 24   iii  i    `* Re: BridgeWorks2Lawrence D'Oliveiro
24 Jul 24   iii  i     `- Re: BridgeWorks1Arne Vajhøj
23 Jul 24   iii  `- Re: BridgeWorks1Dave Froble
22 Jul 24   ii+* Re: BridgeWorks38Simon Clubley
22 Jul 24   iii`* Re: BridgeWorks37Dave Froble
22 Jul 24   iii +* Re: BridgeWorks3Simon Clubley
23 Jul 24   iii i`* Re: BridgeWorks2Dave Froble
24 Jul 24   iii i `- Re: BridgeWorks1Simon Clubley
22 Jul 24   iii `* Re: BridgeWorks33Arne Vajhøj
23 Jul 24   iii  `* Re: BridgeWorks32Dave Froble
24 Jul 24   iii   `* Re: BridgeWorks31Arne Vajhøj
24 Jul 24   iii    +* Re: BridgeWorks21Lawrence D'Oliveiro
24 Jul 24   iii    i+* Re: BridgeWorks2Simon Clubley
25 Jul 24   iii    ii`- Re: BridgeWorks1Dave Froble
24 Jul 24   iii    i+* Re: BridgeWorks9Arne Vajhøj
25 Jul 24   iii    ii`* Re: BridgeWorks8Lawrence D'Oliveiro
25 Jul 24   iii    ii `* Re: BridgeWorks7Arne Vajhøj
25 Jul 24   iii    ii  +* Re: BridgeWorks4Lawrence D'Oliveiro
25 Jul 24   iii    ii  i`* Re: BridgeWorks3Arne Vajhøj
26 Jul 24   iii    ii  i `* Re: BridgeWorks2Lawrence D'Oliveiro
27 Jul 24   iii    ii  i  `- Re: BridgeWorks1Arne Vajhøj
26 Jul 24   iii    ii  `* Re: BridgeWorks2Dave Froble
27 Jul 24   iii    ii   `- Re: BridgeWorks1Arne Vajhøj
27 Jul 24   iii    i`* Re: BridgeWorks9John Dallman
28 Jul 24   iii    i +* Re: BridgeWorks3Arne Vajhøj
28 Jul 24   iii    i i+- Re: BridgeWorks1Chris Townley
28 Jul 24   iii    i i`- Re: BridgeWorks1Lawrence D'Oliveiro
7 Aug 24   iii    i `* Re: BridgeWorks5Gary Sparkes
7 Aug 24   iii    i  +- Re: BridgeWorks1Lawrence D'Oliveiro
7 Aug 24   iii    i  +* Re: BridgeWorks2John Dallman
7 Aug 24   iii    i  i`- Re: BridgeWorks1Lawrence D'Oliveiro
7 Aug 24   iii    i  `- Re: BridgeWorks1Arne Vajhøj
24 Jul 24   iii    +* Re: BridgeWorks7Dave Froble
24 Jul 24   iii    i`* Re: BridgeWorks6Arne Vajhøj
25 Jul 24   iii    i `* Re: BridgeWorks5Lawrence D'Oliveiro
25 Jul 24   iii    i  `* Re: BridgeWorks4Arne Vajhøj
25 Jul 24   iii    i   +- Re: BridgeWorks1Lawrence D'Oliveiro
26 Jul 24   iii    i   +- Re: BridgeWorks1Dave Froble
8 Aug 24   iii    i   `- Re: BridgeWorks1Dave Froble
25 Jul 24   iii    `* Re: BridgeWorks2Dave Froble
25 Jul 24   iii     `- Re: BridgeWorks1Arne Vajhøj
22 Jul 24   ii`- Re: BridgeWorks1Arne Vajhøj
7 Aug 24   i`- Re: BridgeWorks1Gary Sparkes
21 Jul 24   `* Re: BridgeWorks5John Dallman
21 Jul 24    `* Re: BridgeWorks4Arne Vajhøj
21 Jul 24     +* Re: BridgeWorks2Craig A. Berry
21 Jul 24     i`- Re: BridgeWorks1Craig A. Berry
21 Jul 24     `- Re: BridgeWorks1John Dallman

Haut de la page

Les messages affichés proviennent d'usenet.

NewsPortal