IETF-SSH archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
RE: another bounced message with chinese subject.
Your comments are welcome on following "relationship description".
-----Original Message-----
From: ietf-ssh-owner%netbsd.org@localhost [mailto:ietf-ssh-owner%netbsd.org@localhost] On
Behalf Of Bill Sommerfeld
Sent: Friday, March 21, 2003 1:53 AM
To: ietf-ssh%netbsd.org@localhost
Subject: another bounced message with chinese subject.
again, this was caught as a false-positive.
------- Forwarded Message
Date: Thu, 20 Mar 2003 14:24:39 +0800
From: Miao Fuyou <miaofy%huawei.com@localhost>
Subject: RE: Relationship between user name and public key pair in
Authentication Protocol
In-reply-to: <200303200520.h2K5Kvaj000896%thunk.east.sun.com@localhost>
To: sommerfeld%east.sun.com@localhost
Cc: ylo%ssh.com@localhost, kivinen%ssh.com@localhost, ietf-ssh%netbsd.org@localhost
You are right, it is unpractical to generate the same key pair, and the
effort to devise a mechanism for prevention is meaningless. But I still
think the relationship permitted in SSH shall be described explicitly,
so the developers can implement it realizingly. How do you think about
it?
- -----Original Message-----
From: sommerfeld%thunk.east.sun.com@localhost
[mailto:sommerfeld%thunk.east.sun.com@localhost] On Behalf Of Bill Sommerfeld
Sent: Thursday, March 20, 2003 1:21 PM
To: Miao Fuyou
Cc: ylo%ssh.com@localhost; kivinen%ssh.com@localhost; ietf-ssh%netbsd.org@localhost
> For the sake of the "public" nature of public key it will not be
> secure if several users share the same public key pair.
But that's not the case you asked about.
> Even if the server try
> its best to keep it secret, the user may disclose the public key
> casually.
But the whole point of public key systems is that they allow you to
disclose the public part of the keypair without creating a security
risk.
> So, it's necessary to ensure the public key pair are unique.
Does not follow. Keypairs are statistically unique and it is highly
improbable that two users might generate the same key, assuming
reasonable random number generators.
> If the server find a user is registering a existing public key, it
> shall refuse the register and invalidate the existing one.
register *what*, precisely?
what are you really trying to accomplish here? what additional security
do you think you might provide?
It may be possible for a "role"-style shared account may have an acl
which allows access to it from multiple keys.
It may also be useful in some cases for a single key to provide access
to multiple accounts or multiple services.
------- End of Forwarded Message
Home |
Main Index |
Thread Index |
Old Index