IETF-SSH archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

Re: gss userauth

To: Nicolas Williams <Nicolas.Williams%sun.com@localhost>
Subject: Re: gss userauth
From: Markus Friedl <markus%openbsd.org@localhost>
Date: Wed, 27 Aug 2003 11:27:55 +0200

On Tue, Aug 26, 2003 at 09:34:07PM -0700, Nicolas Williams wrote:
> suffice.  We have other userauths that also don't bind authentication to
> the session ID (password, keyboard-interactive), so gss userauth's

so both are weak forms of authentication.

> failure to bind authentication to the session ID is acceptable,

so gss userauth should be weak as well?

Follow-Ups:
- Re: gss userauth
  - From: Nicolas Williams

References:
- draft minutes from IETF57 secure shell meeting.
  - From: Bill Sommerfeld
- gss userauth
  - From: Love
- Re: gss userauth
  - From: Love Hörnquist Åstrand
- Re: gss userauth
  - From: Sam Hartman
- Re: gss userauth
  - From: Nicolas Williams

Prev by Date: Re: gss userauth
Next by Date: Re: gss userauth
Previous by Thread: Re: gss userauth
Next by Thread: Re: gss userauth
Indexes:

Home | Main Index | Thread Index | Old Index