IETF-SSH archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
Question on transport protocol
In the transport protocol, section 8 (Service Request), the last paragraph
states:
Note that after a key exchange with implicit server authentication,
the client MUST wait for response to its service request message
before sending any further data.
I'd like to ask why is the above contraint there? I assume it's for some
security reason, but looking at the packet flow, I can't see a reason
for it.
i.e. it would appear that no additional information is leaked by allowing
say a USERAUTH_REQUEST to immediatly follow the SERVICE_REQUEST even when
the server has been implicity authenticated.
Mind it's a bit of a pointless optimisation given that the user should
be prompted about the implicit authentication, but it could make an
implementation fractionally simpler.
What am I missing?
DF
Home |
Main Index |
Thread Index |
Old Index