Re: updated transport & userauth drafts

To: "Markus Friedl" <markus%openbsd.org@localhost>, "Wei Dai" <weidai%eskimo.com@localhost>
Subject: Re: updated transport & userauth drafts
From: "Joseph Galbraith" <galb-list%vandyke.com@localhost>
Date: Sat, 2 Mar 2002 11:50:54 -0800

> I agree with Bill:  The protocol is much more than CBC-encryption,
> and it's so easy to switch ciphers.  The group really should move
> on.

I too agree.  Ciphers are easy to add.
The core drafts clearly define how to
specify additional ciphers independantly,
for exactly this purpose.

In fact, I would say that if people feel
strongly, it would not be too early to
start a document describing the proposed
new ciphers.

Such a document would naturally proceed
independantly from the core drafts.

But, in the event that all the Real
Cryptographers (TM) all of a sudden
said "Oh my gosh!  This is horrible!
Don't use CBC for anything!" we would
have something we'd actually been working
on, and ironing out the wording, clarity,
etc.

And, indeed, it wouldn't be a bad idea to have
some ciphers specified that didn't use CBC,
even without this specific attack, on the
principle that we don't want all our eggs
in one basket.

- Joseph

References:
- Re: updated transport & userauth drafts
  - From: Wei Dai
- Re: updated transport & userauth drafts
  - From: Bill Sommerfeld
- Re: updated transport & userauth drafts
  - From: Markus Friedl

Prev by Date: Re: Extensions to SSH in order to facilitate telnet replacement.
Next by Date: Re: Extensions to SSH in order to facilitate telnet replacement.
Previous by Thread: Re: updated transport & userauth drafts
Next by Thread: Re: updated transport & userauth drafts
Indexes:

Home | Main Index | Thread Index | Old Index