IETF-SSH archive


Re: last-call issues..



On Wed, Mar 14, 2001 at 12:12:57PM +0100, Markus Friedl wrote:

> the server implementing sftp can print whatever cookies
> it likes and the sshd has to filter the cookies out.
> but this is not a _protocol_ issue.

Hm, this doesn't really strike me as good design -- if we all agree that
subsystems require only a bi-directional stream communication channel,
then it seems like a cop-out to rely on some special in-band-but-filtered-out
communication between the sftp server and the transport server.

Who's to say one couldn't use sftp over some generic TLS pipe (say, like
the one that the stunnel package implements)?

I'm with Tero on this one -- recommend that subsystems ignore unrecognized
data sent over the channel, up until the subsystem version exchange occurs,
and require that no non-subsystem data appear on the channel once the version
exchange is complete.

-- 
        -- Jason R. Thorpe <thorpej%zembu.com@localhost>
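
The rule recommended in the message above, sketched as an added example (not part of the original post and not code from any SSH or sftp implementation). The `SUBSYS-` version line, the length-prefixed packet framing and both size limits are assumptions made for illustration.

```python
import struct

BANNER_PREFIX = b"SUBSYS-"   # hypothetical version-line prefix (assumption)
MAX_PREAMBLE = 4096          # assumed cap on ignored pre-exchange bytes
MAX_PACKET = 34000           # assumed upper bound on one framed packet


class ProtocolError(Exception):
    pass


class SubsystemReader:
    """Lenient before the version exchange, strict after it."""

    def __init__(self):
        self.buf = b""
        self.version = None  # set once the version line is seen
        self.ignored = 0     # pre-exchange bytes discarded so far

    def feed(self, data):
        """Consume channel bytes; return the packets they complete."""
        self.buf += data
        if self.version is None and not self._read_preamble():
            return []
        return self._read_packets()

    def _read_preamble(self):
        # Discard unrecognized lines until the version line arrives.
        while b"\n" in self.buf:
            line, self.buf = self.buf.split(b"\n", 1)
            if line.startswith(BANNER_PREFIX):
                rest = line[len(BANNER_PREFIX):].strip()
                self.version = rest.decode("ascii", "replace")
                return True
            self.ignored += len(line) + 1
        # Bound the leniency so a peer cannot stall here indefinitely.
        if self.ignored + len(self.buf) > MAX_PREAMBLE:
            raise ProtocolError("too much data before version exchange")
        return False

    def _read_packets(self):
        # After the exchange every byte must belong to a framed packet.
        packets = []
        while len(self.buf) >= 4:
            (length,) = struct.unpack(">I", self.buf[:4])
            if length == 0 or length > MAX_PACKET:
                raise ProtocolError("non-subsystem data after version exchange")
            if len(self.buf) < 4 + length:
                break
            packets.append(self.buf[4:4 + length])
            self.buf = self.buf[4 + length:]
        return packets
```

The same stray text that is silently dropped before the version line raises `ProtocolError` once the exchange has completed, so the reader behaves the same over any bi-directional stream without relying on the transport to filter anything.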


