Re: [DNSOP] on staleness of code points and code (mentions MD5 commentary from IETF98)

Tony Finch <dot@dotat.at> Tue, 28 March 2017 10:01 UTC

Return-Path: <dot@dotat.at>
X-Original-To: dnsop@ietfa.amsl.com
Delivered-To: dnsop@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 07D211294BD for <dnsop@ietfa.amsl.com>; Tue, 28 Mar 2017 03:01:17 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.921
X-Spam-Level:
X-Spam-Status: No, score=-1.921 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_MSPIKE_H3=-0.01, RCVD_IN_MSPIKE_WL=-0.01, SPF_HELO_PASS=-0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id H5khZ_asc9qR for <dnsop@ietfa.amsl.com>; Tue, 28 Mar 2017 03:01:15 -0700 (PDT)
Received: from ppsw-42.csi.cam.ac.uk (ppsw-42.csi.cam.ac.uk [131.111.8.142]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 29AD9129353 for <dnsop@ietf.org>; Tue, 28 Mar 2017 03:01:14 -0700 (PDT)
X-Cam-AntiVirus: no malware found
X-Cam-ScannerInfo: http://help.uis.cam.ac.uk/email-scanner-virus
Received: from grey.csi.cam.ac.uk ([131.111.57.57]:34269) by ppsw-42.csi.cam.ac.uk (ppsw.cam.ac.uk [131.111.8.138]:25) with esmtps (TLSv1:ECDHE-RSA-AES256-SHA:256) id 1csnvx-000DTA-8D (Exim 4.89) (return-path <dot@dotat.at>); Tue, 28 Mar 2017 11:01:01 +0100
Date: Tue, 28 Mar 2017 11:01:01 +0100
From: Tony Finch <dot@dotat.at>
To: Evan Hunt <each@isc.org>
cc: Paul Vixie <paul@redbarn.org>, "dnsop@ietf.org" <dnsop@ietf.org>
In-Reply-To: <20170328024127.GC96991@isc.org>
Message-ID: <alpine.DEB.2.11.1703281035190.13590@grey.csi.cam.ac.uk>
References: <58D96BC0.9040701@redbarn.org> <20170328024127.GC96991@isc.org>
User-Agent: Alpine 2.11 (DEB 23 2013-08-11)
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset="US-ASCII"
Archived-At: <https://mailarchive.ietf.org/arch/msg/dnsop/1OO1t7h3k6hy50QXBuWQYikACEI>
Subject: Re: [DNSOP] on staleness of code points and code (mentions MD5 commentary from IETF98)
X-BeenThere: dnsop@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: IETF DNSOP WG mailing list <dnsop.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dnsop>, <mailto:dnsop-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/dnsop/>
List-Post: <mailto:dnsop@ietf.org>
List-Help: <mailto:dnsop-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dnsop>, <mailto:dnsop-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 28 Mar 2017 10:01:17 -0000

Evan Hunt <each@isc.org> wrote:
>
> MD5 is known to be breakable, but it's not *as* breakable that hasn't been
> signed, or a resolver that hasn't turned on validation.

If you haven't seen PoC||GTFO 0x14, run over to
https://www.alchemistowl.org/pocorgtfo/ and have a read.

It features Postscript, PDF/JPEG, and GIF MD5 quines (where the MD5 hash
of the document appears in the text of the document itself) and is itself
an MD5 quine in two different ways (PDF and NES ROM polyglot).

Tony.
-- 
f.anthony.n.finch  <dot@dotat.at>  http://dotat.at/  -  I xn--zr8h punycode
Shannon, South Rockall: Southerly or southeasterly 4 or 5 increasing 6 or 7,
perhaps gale 8 later in west. Moderate or rough, becoming rough or very rough
later. Showers then rain. Moderate or good, occasionally poor.