Re: draft-ietf-secsh-gss-keyex and null host keys

To: Jeffrey Hutzelman <jhutz%cmu.edu@localhost>
Subject: Re: draft-ietf-secsh-gss-keyex and null host keys
From: Bill Sommerfeld <sommerfeld%sun.com@localhost>
Date: Thu, 31 Mar 2005 18:42:57 -0500

On Thu, 2005-03-31 at 14:51, Jeffrey Hutzelman wrote:

> I'm adding the following text to the next version of the draft:

>     <t>Therefore, when a new key for an already-known host is received
>     via the SSH_MSG_KEXGSS_HOSTKEY message, clients SHOULD NOT issue
>     strong warnings or abort the connection, provided the GSSAPI-based
>     key exchange succeeds.</t>

I think we need to provide additional guidance about hostkey update
acceptance..

one extreme:

In general, manually-exchanged-via-trusted-path hostkeys should not be
replaced by GSSAPI-authenticated ones; the former may be considered akin
to trust anchors.

the other: 

if you learned the hostkey via gssapi, you can learn the new one via
gssapi, too..

							- Bill

Follow-Ups:
- Re: draft-ietf-secsh-gss-keyex and null host keys
  - From: Jeffrey Hutzelman
- Re: draft-ietf-secsh-gss-keyex and null host keys
  - From: Sam Hartman

References:
- Re: draft-ietf-secsh-gss-keyex and null host keys
  - From: Jeffrey Hutzelman

Prev by Date: Re: draft-ietf-secsh-gss-keyex and null host keys
Next by Date: Re: draft-ietf-secsh-gss-keyex and null host keys
Previous by Thread: Re: draft-ietf-secsh-gss-keyex and null host keys
Next by Thread: Re: draft-ietf-secsh-gss-keyex and null host keys
Indexes:

Home | Main Index | Thread Index | Old Index