Boost logo

Boost :

From: Peter Dimov (pdimov_at_[hidden])
Date: 2005-04-24 08:02:50

David Abrahams wrote:
> "Giovanni P. Deretta" <lordshoo_at_[hidden]> writes:
>> - It is extremely insecure. In a network library security must be
>> paramount. If the transport type were encoded in the address, it
>> would be much harder to validate externally received addresses. A
>> similar argument can be made for the port numbers. It is better to
>> keep these things separated. The library user can create its own
>> indexed factory collection if it really needs to.
> That's a very convincing argument.

No, it isn't. If you analyze the security of the two cases carefully you'll
see that there isn't much of a difference, except that the
"transport-encoded" type gives you one bit of extra information, the
transport, which you can check against your expectations.

Boost list run by bdawes at, gregod at, cpdaniel at, john at