Re: Feedback from uri list

To: der Mouse <mouse%Rodents-Montreal.ORG@localhost>, ietf-ssh%NetBSD.org@localhost
Subject: Re: Feedback from uri list
From: Jeffrey Hutzelman <jhutz%cmu.edu@localhost>
Date: Fri, 16 Oct 2009 01:46:41 -0400

--On Thursday, October 15, 2009 04:22:35 PM -0400 der Mouse<mouse%Rodents-Montreal.ORG@localhost> wrote:

Anyway, I'd favor

  fp-md5=ssh-dss-c1b13029d7b8de6c977710d746416387


The problem with that (or the more verbose form) arises as soon as you
try to express "here's the host's ssh-dss fingerprint and here's its
ssh-rsa fingerprint".  This turns into something like
fp-md5=ssh-dss-60b725f10c9c85c70d97880dfe8191b3&fp-md5=ssh-rsa-3b5d5c3712
955042212316173ccf37be, which, syntactically, is providing conflicting
values to a single parameter.  That's whence the attempt to move the to
the left side of the equal sign in some way.

Unfortunately, that's insufficient. Depending on the situation, one mightwish to express that the named host may provide any of several keys, allusing the same algorithm. For example, one might provide a hostname whichresolves to one of several distinct machines.


-- Jeff

Follow-Ups:
- Re: Feedback from uri list
  - From: denis bider (Bitvise)

References:
- Feedback from uri list
  - From: Steve Suehring
- Re: Feedback from uri list
  - From: Jacob Nevins
- Re: Feedback from uri list
  - From: Niels Möller
- Re: Feedback from uri list
  - From: denis bider (Bitvise)
- Re: Feedback from uri list
  - From: Jeffrey Hutzelman
- Re: Feedback from uri list
  - From: denis bider (Bitvise)
- Re: Feedback from uri list
  - From: denis bider (Bitvise)
- Re: Feedback from uri list
  - From: Niels Möller
- Re: Feedback from uri list
  - From: der Mouse

Prev by Date: Re: Feedback from uri list
Next by Date: Re: Feedback from uri list
Previous by Thread: Re: Feedback from uri list
Next by Thread: Re: Feedback from uri list
Indexes:

Home | Main Index | Thread Index | Old Index