17 Dec
2003
17 Dec
'03
11:17 p.m.
Adam Shostack writes:
Well, if Leahy passes, DCE is exportable. Anyone know if the 'SecureRPC' in DCE is the one BAL broke years back?
No, they broke Sun's Secure RPC, which is different.
I must admit that I've never done a serious security analysis of DCE RPC, though...
Perry
Where can one find detailed information regarding the (in)security of Sun's "Secure" RPC? Specifically, pointers to actual papers by those who have compromised it (both in theory and practice as relevant) would be appreciated. Thanks! Dana W. Albrecht dwa@corsair.com