Re: retrying keyex (was: Re: Why SFTP performance sucks, and how to fix it)

To: Nicolas Williams <Nicolas.Williams%sun.com@localhost>
Subject: Re: retrying keyex (was: Re: Why SFTP performance sucks, and how to fix it)
From: "Joel N. Weber II" <ietf-secsh%joelweber.com@localhost>
Date: Wed, 16 Jul 2003 15:23:24 -0400

> BTW, this would apply to GSS-API keyex with SPKM as well.

What does SPKM do that GSI and x509v3-sign-rsa/x509v3-sign-dss don't?
It's bad enough that we already have lots of potential for two
gratuitously incompatible ways to use simple bare Verisign-signed
X.509 certificates.  (And I think there are implementations of both
approaches out there.)

If we want to discuss another GSSAPI mechanism that might possibly be
worth supporting in the future, SRP might be more interesting to
discuss.

Follow-Ups:
- Re: retrying keyex (was: Re: Why SFTP performance sucks, and how to fix it)
  - From: Nicolas Williams

References:
- Why SFTP performance sucks, and how to fix it
  - From: Peter Gutmann
- Re: Why SFTP performance sucks, and how to fix it
  - From: Nicolas Williams
- Re: Why SFTP performance sucks, and how to fix it
  - From: Joel N. Weber II
- retrying keyex (was: Re: Why SFTP performance sucks, and how to fix it)
  - From: Joel N. Weber II
- Re: retrying keyex (was: Re: Why SFTP performance sucks, and how to fix it)
  - From: Nicolas Williams
- Re: retrying keyex (was: Re: Why SFTP performance sucks, and how to fix it)
  - From: Joel N. Weber II
- Re: retrying keyex (was: Re: Why SFTP performance sucks, and how to fix it)
  - From: Nicolas Williams

Prev by Date: Re: Publickey subsystem draft posted
Next by Date: Re: Publickey subsystem draft posted
Previous by Thread: Re: retrying keyex (was: Re: Why SFTP performance sucks, and how to fix it)
Next by Thread: Re: retrying keyex (was: Re: Why SFTP performance sucks, and how to fix it)
Indexes:

Home | Main Index | Thread Index | Old Index