IETF-SSH archive
Re: PublicKeyFile Format Security Considerations
> After all
> if what I wrote above is just another way of saying "Implementors should
> avoid bugs, and especially buffer overruns in their code" then maybe
> it doesn't add anything of value.
It does seem to be the case that the text we're discussing covers a
subject that is assumed to be obvious in just about every other IETF
document. If we want to say ``don't write buffer overflows, and
verify your data, and stuff'' in a very general way, it might be
appropriate to write up a protocol-independent RFC saying those
things, and have the security considerations section of every RFC
refer to that generic, protocol-independent writeup. This discussion
makes me wonder if it is a bug that there is no RFC talking about
buffer overflows, as far as I know. There *is* an RFC about random
numbers, for example. But I'm sure an RFC about buffer overflows is
beyond the scope of this working group.
If there is a specific reason why being careful about parsing the data
is more important, or more difficult, or more subtle with an ssh
public key file than in a generic case of parsing data, then
explaining that would be useful.
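The "specific reason" the poster asks about is easiest to see in code. The example below is added here and is not from the thread or from any SSH implementation; it assumes the public key file layout as later published in RFC 4716 (begin/end marker lines, optional "Name: value" headers with backslash continuation, a base64 body, and 72-byte lines) and the SSH wire encoding inside the decoded body (uint32-length-prefixed fields: the algorithm name, then the key material). The subtle part is that every length inside the blob is attacker-controlled, so it is compared with the bytes actually remaining before any slice is taken. The sample key and the malformed blob are constructed for the example; the 64 KiB blob cap is an assumption, not a value from the specification.

```python
"""Defensive parser for the SSH2 public key file format (RFC 4716 layout)."""
import base64
import struct

BEGIN = "---- BEGIN SSH2 PUBLIC KEY ----"
END = "---- END SSH2 PUBLIC KEY ----"
MAX_LINE = 72          # RFC 4716 line-length limit (bytes, excluding the terminator)
MAX_BLOB = 64 * 1024   # assumed upper bound on a decoded key blob; not from the RFC


class KeyFileError(ValueError):
    pass


def read_string(buf, off):
    """Return (bytes, new_offset) for one SSH 'string' starting at buf[off:].

    The 4-byte length comes from untrusted data; it is checked against the
    remaining length before use, so an oversized value is rejected instead
    of silently truncated or read past the end of the buffer.
    """
    if off + 4 > len(buf):
        raise KeyFileError("truncated length field at offset %d" % off)
    (n,) = struct.unpack(">I", buf[off:off + 4])
    off += 4
    if n > len(buf) - off:
        raise KeyFileError("field length %d exceeds remaining %d bytes" % (n, len(buf) - off))
    return buf[off:off + n], off + n


def parse_blob(blob):
    """Split a decoded key blob into (algorithm_name, [field, ...])."""
    if len(blob) > MAX_BLOB:
        raise KeyFileError("key blob too large")
    name, off = read_string(blob, 0)
    if not name or not all(0x21 <= b <= 0x7e for b in name):
        raise KeyFileError("algorithm name is empty or not printable ASCII")
    fields = []
    while off < len(blob):          # trailing garbage would fail inside read_string
        field, off = read_string(blob, off)
        fields.append(field)
    return name.decode("ascii"), fields


def parse_keyfile(text):
    """Parse the text of a public key file into (headers, algorithm, fields)."""
    lines = text.splitlines()
    if not lines or lines[0] != BEGIN or lines[-1] != END:
        raise KeyFileError("missing begin/end marker")
    headers, body, i = {}, [], 1
    while i < len(lines) - 1:
        line = lines[i]
        if len(line.encode("utf-8")) > MAX_LINE:
            raise KeyFileError("line %d longer than %d bytes" % (i + 1, MAX_LINE))
        if ":" in line and not body:    # base64 alphabet never contains ':'
            tag, value = line.split(":", 1)
            value = value.lstrip()
            # A trailing backslash continues the header value on the next line.
            while value.endswith("\\") and i + 1 < len(lines) - 1:
                i += 1
                cont = lines[i]
                if len(cont.encode("utf-8")) > MAX_LINE:
                    raise KeyFileError("continuation line too long")
                value = value[:-1] + cont
            headers[tag.strip().lower()] = value
        else:
            body.append(line)
        i += 1
    try:
        blob = base64.b64decode("".join(body), validate=True)
    except (ValueError, TypeError) as e:
        raise KeyFileError("body is not valid base64: %s" % e)
    algorithm, fields = parse_blob(blob)
    return headers, algorithm, fields


def is_rejected(blob):
    """True if parse_blob refuses the blob (used to check the bad cases)."""
    try:
        parse_blob(blob)
        return False
    except KeyFileError:
        return True


def wire_string(b):
    return struct.pack(">I", len(b)) + b


# Constructed sample data (not a real key): a well-formed RSA-shaped blob,
# a blob whose length field claims far more than is present, and a blob cut
# off in the middle of a length field.
SAMPLE_BLOB = (wire_string(b"ssh-rsa") + wire_string(b"\x01\x00\x01")
               + wire_string(b"\x00\xc3" + bytes(range(1, 17))))
_b64 = base64.b64encode(SAMPLE_BLOB).decode("ascii")
SAMPLE_FILE = "\n".join([BEGIN, 'Comment: "test key, \\', 'continued"']
                        + [_b64[k:k + 64] for k in range(0, len(_b64), 64)] + [END])
OVERSIZED_BLOB = wire_string(b"ssh-rsa") + struct.pack(">I", 0xFFFFFFFF) + b"\x01\x00\x01"
TRUNCATED_BLOB = wire_string(b"ssh-rsa") + b"\x00\x00"

if __name__ == "__main__":
    print(parse_keyfile(SAMPLE_FILE))
    print(is_rejected(OVERSIZED_BLOB), is_rejected(TRUNCATED_BLOB))
```

The generic case ("verify your data") is the line-length and base64 checks; the part specific to this format is `read_string`, where a 32-bit length read from the file decides how much memory a C implementation would copy. A parser that trusts that length is exactly the buffer overrun the thread is debating whether to mention.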