IETF-SSH archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

gss userauth

To: ietf-ssh%NetBSD.org@localhost
Subject: gss userauth
From: Love <lha%stacken.kth.se@localhost>
Date: Fri, 22 Aug 2003 16:06:27 +0200

I've pointed out this to the authors privatly, so I'll repeat this
publicly. I consider gss userauth to be broken since it doesn't verify the
session id (using either mic or a channel bindings (like in CCM)).

Love

Attachment: pgp59qbA6FIln.pgp
Description: PGP signature

Follow-Ups:
- Re: gss userauth
  - From: Love Hörnquist Åstrand
- Re: gss userauth
  - From: Joel N. Weber II

References:
- draft minutes from IETF57 secure shell meeting.
  - From: Bill Sommerfeld

Prev by Date: Re: Re-using RSA1 keys as RSA
Next by Date: Re: gss userauth
Previous by Thread: draft minutes from IETF57 secure shell meeting.
Next by Thread: Re: gss userauth
Indexes:

Home | Main Index | Thread Index | Old Index