Re: des-cbc cipher

To: Markus Friedl <markus%openbsd.org@localhost>
Subject: Re: des-cbc cipher
From: RJ Atkinson <rja%inet.org@localhost>
Date: Thu, 29 Nov 2001 10:14:03 -0500

At 03:43 29/11/01, Markus Friedl wrote:
>However, if you need to have DES-CBC, write a document,
>use "des-cbc%inet.org@localhost" and everything will be fine.

        Regrettably, that doesn't help at all -- because it doesn't document
how to implement such that one can interoperate with the installed base 
of DES-CBC implementations of SSHv2.  There are multiple such 
implementations and an installed base of users.

        I'd REALLY prefer to resolve this in the WG.  I've tried to
propose several forms of packaging that would both let the technical
detail get documented and also let folks who have passion against
DES-CBC document their issues/concerns/recommendations and also make
it crystal clear that DES-CBC isn't something an implementation is
expected to support.  If we can't resolve this issue here, then an appeal 
is likely -- which will necessarily delay the documents substantially 
(delay being explicitly NOT my objective).  Sigh.

Yours,

Ran
rja%inet.org@localhost

Follow-Ups:
- Re: des-cbc cipher
  - From: Thor Simon
- Re: des-cbc cipher
  - From: Jeffrey Altman
- Re: des-cbc cipher
  - From: Derek Fawcus
- Re: des-cbc cipher
  - From: Markus Friedl

References:
- Re: des-cbc cipher
  - From: RJ Atkinson
- Re: des-cbc cipher
  - From: Darren Moffat
- Re: des-cbc cipher
  - From: Markus Friedl

Prev by Date: Re: SecSH Server functionality on Windows - incomplete
Next by Date: Re: des-cbc cipher
Previous by Thread: Re: des-cbc cipher
Next by Thread: Re: des-cbc cipher
Indexes:

Home | Main Index | Thread Index | Old Index