Re: GSS-API SRP mech (was Re: retrying keyex ...)

To: Tom Wu <tom%arcot.com@localhost>
Subject: Re: GSS-API SRP mech (was Re: retrying keyex ...)
From: Sam Hartman <hartmans%mit.edu@localhost>
Date: Thu, 17 Jul 2003 07:59:24 -0400

>>>>> "Tom" == Tom Wu <tom%arcot.com@localhost> writes:

    Tom> Joel N. Weber II wrote:
    >> In theory, you can use that SASL mechanism with an intergrity
    >> protection layer.  In practice, since it appears that the SASL
    >> SRP mechanism basically does the things you want a Secure Shell
    >> key exchange to accomplish, it may be better to define a new
    >> Secure Shell key exchange algorithm to support SRP.

    Tom> There are implementations of SRP as an SSH key exchange
    Tom> mechanism 'in the wild', and at least one expired I-D
    Tom> documenting them.  They can presumably be revived as needed.

Please don't; use Keith's GSSAPI mechanism.  I believe that getting
his draft in shape should not take too much time at all.

Follow-Ups:
- Re: GSS-API SRP mech (was Re: retrying keyex ...)
  - From: Simon Tatham

References:
- RE: GSS-API SRP mech (was Re: retrying keyex ...)
  - From: Joseph Salowey
- Re: GSS-API SRP mech (was Re: retrying keyex ...)
  - From: Joel N. Weber II
- Re: GSS-API SRP mech (was Re: retrying keyex ...)
  - From: Tom Wu

Prev by Date: Re: draft-ietf-secsh-assignednumbers-03.txt
Next by Date: Re: GSS-API SRP mech (was Re: retrying keyex ...)
Previous by Thread: Re: GSS-API SRP mech (was Re: retrying keyex ...)
Next by Thread: Re: GSS-API SRP mech (was Re: retrying keyex ...)
Indexes:

Home | Main Index | Thread Index | Old Index