IETF-SSH archive
Re: SSHv2 GSS spec issue wrt gss error tokens
On Mon, 18 Nov 2002, Nicolas Williams wrote:
> Why is this optional? (To provide for error obfuscation?) It should be
> recommended, not merely optional.
Yes, that's the idea. We can argue about which messages should be
recommended vs optional. I'm inclined to make sending the error token via
a continue message recommended but not required, and make the error
message optional.
> BTW, GSS-API ought to provide a feature for error token obfuscation.
> Better to let the mechanism determine what error information to send
> than to let the GSS application get away with not sending error tokens.
Not necessarily. The application may be in a much better position to
detect an ongoing attack than is the GSSAPI mechanism. In any event, the
GSSAPI currently does not have such a feature, and this is not the forum
in which to discuss fixing GSSAPI.
> That brings up another question: do the various SSHv2 drafts
> consistently provide for error code obfuscation where errors are sent on
> the wire? Should GSS-keyex be consistent with the other SSHv2 drafts on
> this?
I think if you read over the drafts, you'll find that in most cases, no
mechanism is provided for passing specific error information back.