IETF-SSH archive


Question on transport protocol



In the transport protocol, section 8 (Service Request), the last paragraph
states:

   Note that after a key exchange with implicit server authentication,
   the client MUST wait for response to its service request message
   before sending any further data.

I'd like to ask why is the above constraint there? I assume it's for some
security reason, but looking at the packet flow, I can't see a reason
for it.

i.e. it would appear that no additional information is leaked by allowing
say a USERAUTH_REQUEST to immediately follow the SERVICE_REQUEST even when
the server has been implicitly authenticated.

Mind it's a bit of a pointless optimisation given that the user should
be prompted about the implicit authentication, but it could make an
implementation fractionally simpler.

What am I missing?

DF
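
The rule quoted in the message above, sketched as a client-side send gate. This is an added example, not part of the original message and not taken from any SSH implementation. The class, method and function names are assumptions, the message numbers are those assigned in the published SSH RFCs, and the `wire` list stands in for the encrypted transport.

```python
from collections import deque

# Message numbers as assigned in the published SSH RFCs.
MSG_DISCONNECT, MSG_IGNORE, MSG_DEBUG = 1, 2, 4
MSG_SERVICE_REQUEST, MSG_SERVICE_ACCEPT = 5, 6
MSG_USERAUTH_REQUEST = 50


class ServiceRequestGate:
    """Hypothetical client-side send gate; all names here are assumptions."""

    def __init__(self, implicit_server_auth, wire):
        self.implicit = implicit_server_auth
        self.wire = wire              # list standing in for the transport
        self.awaiting_accept = False
        self.held = deque()           # data withheld until SERVICE_ACCEPT

    def send(self, msg_type, payload=b""):
        """Return True if written to the wire, False if held back."""
        if self.implicit and self.awaiting_accept:
            self.held.append((msg_type, payload))
            return False
        self.wire.append((msg_type, payload))
        if msg_type == MSG_SERVICE_REQUEST:
            self.awaiting_accept = True
        return True

    def receive(self, msg_type):
        """Feed an inbound message that already passed MAC verification."""
        if not self.awaiting_accept or msg_type in (MSG_IGNORE, MSG_DEBUG):
            return                    # not a response to the service request
        if msg_type == MSG_SERVICE_ACCEPT:
            self.awaiting_accept = False
            self.wire.extend(self.held)   # release in original order
            self.held.clear()
            return
        # Design choice of this sketch: any other reply drops the held data.
        self.held.clear()
        raise ConnectionError(f"no SERVICE_ACCEPT, got message {msg_type}")


def run(implicit_server_auth):
    """Constructed exchange: wire contents before and after SERVICE_ACCEPT."""
    wire = []
    gate = ServiceRequestGate(implicit_server_auth, wire)
    gate.send(MSG_SERVICE_REQUEST, b"ssh-userauth")
    gate.send(MSG_USERAUTH_REQUEST, b"constructed-request")
    before = [m for m, _ in wire]
    gate.receive(MSG_IGNORE)
    gate.receive(MSG_SERVICE_ACCEPT)
    return before, [m for m, _ in wire]
```

With implicit server authentication the USERAUTH_REQUEST stays in the queue until SERVICE_ACCEPT arrives; with explicit authentication both messages go out back to back.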


