Re: agent draft (was Re: Secure Shell: Milestone Update.)

To: Niels M?ller <nisse%lysator.liu.se@localhost>
Subject: Re: agent draft (was Re: Secure Shell: Milestone Update.)
From: Bill Sommerfeld <sommerfeld%sun.com@localhost>
Date: Fri, 18 Mar 2005 09:43:49 -0500

On Fri, 2005-03-18 at 08:44, Niels M?ller wrote:

> But for login, I think it would be even better with something in the
> srp/speke class of password authentication. Important objectives are:
> Use passphrase also to authenticate the server (so we can bootstrap
> without hostkeys). And don't transmit anything on the wire that allows
> an eavesdropper or MITM to mount a dictionary attack. It's REALLY a
> shame almost everything in that area seem to be patented.

The patent isn't the issue -- it's the license terms offered.

compare: http://www.ietf.org/ietf/IPR/WU-SRP
with: http://www.ietf.org/ietf/IPR/PHOENIX-SRP-RFC2945.txt

Given that many important implementations of ssh are free-as-in-beer, 
anything but royalty-free license terms is not worth our time.

The patents in this space have been very frustrating to a number of IETF
WG's.

					- Bill

Follow-Ups:
- Re: agent draft (was Re: Secure Shell: Milestone Update.)
  - From: Niels Möller

References:
- Re: agent draft (was Re: Secure Shell: Milestone Update.)
  - From: Simon Tatham
- Re: agent draft (was Re: Secure Shell: Milestone Update.)
  - From: Niels Möller

Prev by Date: Re: agent draft (was Re: Secure Shell: Milestone Update.)
Next by Date: Re: agent draft (was Re: Secure Shell: Milestone Update.)
Previous by Thread: Re: agent draft (was Re: Secure Shell: Milestone Update.)
Next by Thread: Re: agent draft (was Re: Secure Shell: Milestone Update.)
Indexes:

Home | Main Index | Thread Index | Old Index