IETF-SSH archive
Re: IESG feedback on core drafts.
Frank Cusack wrote:
>On Mon, Mar 31, 2003 at 08:08:59AM -0800, Chris Lonvick wrote:
>> The "none" cipher is provided for debugging and should never be used
>> except for that purpose. Its cryptographic properties are
>> sufficiently described in RFC 2410.
>
>I believe the "none" cipher has legitimate uses besides debugging. You
>may want the authentication mechanisms provided by SSH, but not the data
>confidentiality. E.g., you are copying already encrypted data between
>machines that have such low CPU power that encryption is a significant
>overhead.
Do you really think there is any real-world case where this will come up?
Remember, to use SSH you have to be able to do a public-key operation.
I'm hard-pressed to imagine any scenario where the public-key operation
is feasible but there is no symmetric-key encryption that will be.
Allowing people to use the none cipher is asking for trouble. Many people
expect the (symmetric-key) crypto to be much more expensive than it really
is. The ``SHOULD NOT use "none" cipher'' language seems reasonable.