IETF-SSH archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

Re: additional core draft nits in need of WG attention.



nisse%lysator.liu.se@localhost (Niels =?iso-8859-1?q?M=F6ller?=) writes:
>Bill Sommerfeld <sommerfeld%east.sun.com@localhost> writes:
>> > >10.  Section 5, last paragraph. What is "implicit server
>> > >authentication?"  The whole paragraph is unclear.
>>
>> Can someone provide some fill-in text?
>
>I think it refers to key exchange methods like the ones used in tls
>and ssh1, where one party chooses the session key and encrypts it
>using the other party's public RSA key. Then you must consider the
>remote end unauthenticated until you have verified that she knows the
>session key.

Here's my tongue-in-cheek interpretation from a code comment:

/* [...]

   The spec says that after a key exchange with implicit server
   authentication, the client must wait for the server to send a service-
   accept packet before continuing, however it never explains what implicit
   (and, by extension, explicit) server authentication actually is.  We
   therefore define it to be "Something completely different from what we're
   doing here", which means that we can send the two packets together without
   having to wait for the server */

I read through the surrounding text and tried to figure out what the point of
this requirement was, couldn't really find any, and so came up with the above
interpretation, which works nicely :-).

Peter.



Home | Main Index | Thread Index | Old Index