Re: potential disclaimer for the transport draft.

[RJ Atkinson <rja%extremenetworks.com@localhost>]

On Wednesday, March 20, 2002, at 11:24 , Wei Dai wrote:

> On Tue, Mar 19, 2002 at 09:16:44AM -0500, Bill Sommerfeld wrote:
> > > On any particular system, it's probably not the biggest hole, but it
> > > quite likely is the biggest hole on *some* real-world systems.
> >
> > I think you severely underestimate how many latent undiscovered
> > security holes are out there at the moment.. I don't think we have
> > *any* reason to believe that.
>
> Ok, let me rephrase that: it quite likely is the biggest *known* hole on
> some real-world systems.

I actually think that your revised claim is extremely unlikely
to be the case.  In particular, "known" and "widely known" aren't
the same.  Also, several of us are not convinced your issue is
a "big known hole", though I think everyone considers it a serious
issue.

> The point remains that we can't be confident that it's not
> a threat to any real world system.

No one has said made the claim that you knock down.  This thread
is about risk management, not whether we think the current SSH spec
is perfectly secure.  Delaying the spec over this level of nit
is not a responsible posture for the WG, IMHO, given that we can
change the attacker's work function from [wiretap cleartext passwords]
to [computationally expensive cryptographic attack] by moving
forward as-is today.

I fully support Bill's proposed language and shipping the documents
as Proposed Standard as soon as possible.

Ran
rja%extremenetworks.com@localhost