Re: Comments for draft-ietf-secsh-auth-kbdinteract-01.txt

To: ietf-ssh%netbsd.org@localhost
Subject: Re: Comments for draft-ietf-secsh-auth-kbdinteract-01.txt
From: Frank Cusack <fcusack%fcusack.com@localhost>
Date: Thu, 17 Jan 2002 17:08:38 -0800

Hi,

I realize this is a year-old message, but I dropped off the list a long
time ago, back when the list was lossy (clinet.fi days).  Anyway, I
am in the process of updating the draft (along with Martin) and wanted
to respond to some old issues.  In a week or so I'll post the updated
draft here for comments before submission.

On Wed, Jan 24, 2001 at 10:45:08AM +0300, Shesterikov Maxim (sm) wrote:
> For a server that uses a separate authentication layer it is desirable to
> state in the draft that the order of responses should match with the order
> of prompts. 

And later:

On Thu, Feb 22, 2001 at 09:59:43AM +0300, Shesterikov Maxim (sm) wrote:
[Martin Forssen: ]
> >Such a text implies that the server is permitted to
> >have multiple outstanding authentication requests simultaneously, and
> >this can be complicated to handle in the client. Would it not be better
> >just instead forbid the server to have more than one set of prompts
> >(SSH_MSG_USERAUTH_INFO_REQUEST packets) outstanding at any time?
> >Comments?
> I agree. 

I read the question as "each numbered response must match up with the
corresponding prompt", ie, in a single INFO_REQUEST there might be
multiple prompts, and in the INFO_RESPONSE the answers must be in
the same order as the questions.

I believe both are valid points, the first (multiple outstanding
INFO_REQUEST's) has been addressed, I will add clarification on the
second (response ordering) to the draft.

/fc

Prev by Date: Re: Do we have standards available for scp ??
Next by Date: Re: Section 3.2 of secsh-auth-kbdinteract-01
Previous by Thread: I-D ACTION:draft-ietf-secsh-gsskeyex-03.txt
Next by Thread: Re: Comments for draft-ietf-secsh-auth-kbdinteract-01.txt
Indexes:

Home | Main Index | Thread Index | Old Index