Re: Do we have standards available for scp ??

To: Markus Friedl <markus%openbsd.org@localhost>
Subject: Re: Do we have standards available for scp ??
From: RJ Atkinson <rja%extremenetworks.com@localhost>
Date: Tue, 15 Jan 2002 12:04:24 -0500


On Tuesday, January 15, 2002, at 09:16  AM, Markus Friedl wrote:

sure, but i don't think rcp can be fixed. it's been
deployed for years (decades?).


"Fixing RCP" isn't the issue here.  Documenting a widely deployed
protocol (e.g. SCP) is the important issue here -- even if that
means the "Security Considerations" section were to be lengthy
with the things that "need fixing" in SCP (if any).

Frankly, it would be also good to document RCP and to have a lengthy
description of why RCP is a bad idea operationally (e.g. list of
security risks with RCP) and even suggest using SCP instead (to
reduce security risks).  That's a bit outside this WG's charter
(potentially, subject to WG Chair decision), whereas documenting SCP
sufficiently to write an interoperable implementation from the RFC
would seem clearly within this WG's charter (also subject to WG Chair
decision).

IMHO,

Ran
rja%extremenetworks.com@localhost

Follow-Ups:
- Re: Do we have standards available for scp ??
  - From: Markus Friedl

References:
- Re: Do we have standards available for scp ??
  - From: Markus Friedl

Prev by Date: Re: Do we have standards available for scp ??
Next by Date: Re: Do we have standards available for scp ??
Previous by Thread: Re: Do we have standards available for scp ??
Next by Thread: Re: Do we have standards available for scp ??
Indexes:

Home | Main Index | Thread Index | Old Index