From: Markus Friedl <markus.friedl@informatik.uni-erlangen.de>
To: rob pike <rob@plan9.bell-labs.com>
Cc: 9fans@cse.psu.edu
Subject: Re: [9fans] Re: The problem with SSH2
Date: Mon, 1 Jan 2001 16:18:02 +0100 [thread overview]
Message-ID: <20010101161802.B31245@folly> (raw)
In-Reply-To: <20010101143731.DB61F199E7@mail.cse.psu.edu>; from rob@plan9.bell-labs.com on Mon, Jan 01, 2001 at 09:37:12AM -0500
On Mon, Jan 01, 2001 at 09:37:12AM -0500, rob pike wrote:
> The complexity is silly, but much worse is that there isn't at least
> one guaranteed protocol for authentication and encryption that both
> ends always have and can use as a fallback. I would argue that that
> would always be sufficient, but I know I'm in the minority there. I do
> argue that it's demonstrably necessary.
While I aggree that the SSH protocol is very complex, I think this
problem is more a policy issue than a protocol issue. E.g. the SSH2
protocol drafts require certain basic algorithms for authentication
and encryption. This could be used as a fallback -- but only if
the server admin policy agrees to enable the methods.
But of course, if the protocol allows too many options it's probably
too hard for the server admin to decide which option is a good
or a bad thing.
next prev parent reply other threads:[~2001-01-01 15:18 UTC|newest]
Thread overview: 20+ messages / expand[flat|nested] mbox.gz Atom feed top
2001-01-01 14:37 rob pike
2001-01-01 15:18 ` Markus Friedl [this message]
-- strict thread matches above, loose matches on Subject: below --
2001-01-27 2:34 rob pike
2001-01-27 2:37 ` Boyd Roberts
2001-01-27 2:13 dmr
2001-01-27 2:30 ` Boyd Roberts
2001-01-27 1:04 presotto
2001-01-26 19:56 rsc
2001-01-26 20:46 ` Dan Cross
2001-01-29 13:40 ` David Rubin
2001-01-27 0:43 ` Boyd Roberts
2001-01-27 1:01 ` Boyd Roberts
2001-01-27 14:34 ` Markus Friedl
2001-01-01 15:37 rob pike
2001-01-01 15:43 ` Boyd Roberts
2001-01-02 8:27 ` Lyndon Nerenberg
2001-01-02 17:49 ` cLIeNUX user
[not found] <20001231162642.A9783@folly>
2000-12-31 17:55 ` Jim Choate
2001-01-01 7:38 ` Boyd Roberts
2001-01-26 14:33 ` Ozan Yigit
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20010101161802.B31245@folly \
--to=markus.friedl@informatik.uni-erlangen.de \
--cc=9fans@cse.psu.edu \
--cc=rob@plan9.bell-labs.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).