IETF-SSH archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
Re: updated transport & userauth drafts
On Fri, Mar 01, 2002 at 07:12:43PM -0500, Bill Sommerfeld wrote:
> ssh is (much) more than just the encryption; the encryption part is
> just one detail of the protocol, and it's a modularly replaceable
> part.
I think the encryption is much more than a detail. It's one of the two
most important services that ssh provides (the other one being the
authentication).
Sure ssh also does shells and file transfers and so on, but everyone would
still be using rcp and rsh if it weren't for the encryption and
authentication that ssh provides.
Even if we decide not to put in the proposed fix, we need to at least
mention the attack in the security considerations section. I don't see how
it could be completely ignored.
Home |
Main Index |
Thread Index |
Old Index