IETF-SSH archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

Re: gss userauth



On Tue, Sep 02, 2003 at 12:22:03PM -0400, Jeffrey Hutzelman wrote:
> My approach was to have new clients just send a new message containing the
> MIC, in place of the empty "exchange complete" message that current
> clients send.  An old server receiving this new message would send
> SSH_MSG_UNIMPLEMENTED, and the new client would reply with the old
> completion message.

but this would be a 'hack' not an improved replacement for "gssapi"

> I don't see any way to introduce up-front negotiation into an existing
> mechanism that doesn't already have it, without breaking interoperability
> with the existing implementations.  If you have a suggestion that will
> work, please let me know.

why not use a new method name if there are many existing implementations?



Home | Main Index | Thread Index | Old Index