Re: latest drafts

To: der Mouse <mouse%Rodents.Montreal.QC.CA@localhost>
Subject: Re: latest drafts
From: nisse%lysator.liu.se@localhost (Niels Möller)
Date: 21 Mar 2005 14:59:33 +0100

der Mouse <mouse%Rodents.Montreal.QC.CA@localhost> writes:

> architecture-22 9.3.5 says that publickey makes no server security
> assumptions.  But this is not quite true; a compromised server may be
> able to use a publickey authentication attempt to play MitM to
> authenticate to another host as if it held a public key it does not in
> fact hold.  I'm not sure how feasible this is, because public-key
> signatures are over data blobs including session-specific portions, but
> it's certainly not obvious to me that it's impossible.

I agree it would be desirable to clarify this, as it's not crystal
clear what the MiTM can do and can't do in the scenario with no host
authentication, and publickey userauth.

> Various specifications in transport-24 break rather badly if the cipher
> in use has a block size that is less than 8 bytes but which does not
> divide evenly into 8 bytes.

I think this is a non-issue. There's no exisitng block cipher in wide
use that have a block size that isn't a power of two, as far as I'm
aware. And block ciphers that are adopted in the future ought to have
a block size no smaller than 8 bytes, for the same reasons that AES
uses a larger block size.

Regards,
/Niels

References:
- latest drafts
  - From: der Mouse

Prev by Date: Re: latest drafts
Next by Date: Re: latest drafts
Previous by Thread: Re: latest drafts
Next by Thread: Re: latest drafts
Indexes:

Home | Main Index | Thread Index | Old Index