Re: Core draft last call update.

To: Wei Dai <weidai%eskimo.com@localhost>
Subject: Re: Core draft last call update.
From: Bill Sommerfeld <sommerfeld%orchard.arlington.ma.us@localhost>
Date: Sat, 09 Mar 2002 10:26:50 -0500

> Would be appropriate to either (1) put something in the security
> considerations section about this attack, so that implementors are warned
> about this problem and will know to look for a future RFC describing the
> solution, or (2) delay the SSH transport protocol spec and advance the
> rest of SSH? 

(2) is not useful, because you can't do SSH without all four drafts.

Remember that a certain set of folks will use telnet instead simply
because there's an RFC for telnet and there isn't one for SSH.

(1) is a possibility but needs to be worded very carefully (to not
scare telnet users away from deploying ssh).

						- Bill

Follow-Ups:
- Re: Core draft last call update.
  - From: Wei Dai

References:
- Re: Core draft last call update.
  - From: Wei Dai

Prev by Date: Re: Core draft last call update.
Next by Date: Re: Core draft last call update.
Previous by Thread: Re: Core draft last call update.
Next by Thread: Re: Core draft last call update.
Indexes:

Home | Main Index | Thread Index | Old Index