IETF-SSH archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
Re: retrying keyex (was: Re: Why SFTP performance sucks, and how to fix it)
> BTW, this would apply to GSS-API keyex with SPKM as well.
What does SPKM do that GSI and x509v3-sign-rsa/x509v3-sign-dss don't?
It's bad enough that we already have lots of potential for two
gratuitously incompatible ways to use simple bare Verisign-signed
X.509 certificates. (And I think there are implementations of both
approaches out there.)
If we want to discuss another GSSAPI mechanism that might possibly be
worth supporting in the future, SRP might be more interesting to
discuss.
Home |
Main Index |
Thread Index |
Old Index