Re: applying AES-GCM to secure shell: proposed "tweak"

To: der Mouse <mouse%Rodents-Montreal.ORG@localhost>
Subject: Re: applying AES-GCM to secure shell: proposed "tweak"
From: Damien Miller <djm%mindrot.org@localhost>
Date: Thu, 16 Apr 2009 07:56:00 +1000 (EST)

On Wed, 15 Apr 2009, der Mouse wrote:

> >  - negotiation of compression only post-authentication (a very useful
> >    and awesome OpenSSH extension)
> 
> (a) What's so useful about it?  (I don't offhand see any reason why it
> would be better than starting compression at kex time, and I'm
> wondering what I've missed.)

Avoiding the attack surface presented by compression libraries before
authentication of the user.

> (b) Got a pointer to the spec?  I'd like to read up on it and see if I
> want to implement it.

http://tools.ietf.org/html/draft-miller-secsh-compression-delayed-00

-d

Follow-Ups:
- Re: applying AES-GCM to secure shell: proposed "tweak"
  - From: Peter Gutmann

References:
- applying AES-GCM to secure shell: proposed "tweak"
  - From: Tim Polk
- Re: applying AES-GCM to secure shell: proposed "tweak"
  - From: Niels Möller
- Re: applying AES-GCM to secure shell: proposed "tweak"
  - From: der Mouse
- Re: applying AES-GCM to secure shell: proposed "tweak"
  - From: Niels Möller
- Re: applying AES-GCM to secure shell: proposed "tweak"
  - From: der Mouse
- Re: applying AES-GCM to secure shell: proposed "tweak"
  - From: Niels Möller
- Re: applying AES-GCM to secure shell: proposed "tweak"
  - From: Nicolas Williams
- Re: applying AES-GCM to secure shell: proposed "tweak"
  - From: der Mouse

Prev by Date: Re: applying AES-GCM to secure shell: proposed "tweak"
Next by Date: Re: applying AES-GCM to secure shell: proposed "tweak"
Previous by Thread: Re: applying AES-GCM to secure shell: proposed "tweak"
Next by Thread: Re: applying AES-GCM to secure shell: proposed "tweak"
Indexes:

Home | Main Index | Thread Index | Old Index