IETF-SSH archive


Re: OpenSSH sabotages protocol extension



denis bider <ietf-ssh3%denisbider.com@localhost> writes:

> Yes. It disconnects if there's any extra data after the recognized field in SERVICE_ACCEPT.
>
> What possible purpose does this serve?
>
> What possible purpose at all, other than to sabotage future extension?

FYI, my implementation does the same. To me, the spec is pretty clear
that an SSH_MSG_SERVICE_ACCEPT can't include any extra data (unlike,
e.g., SSH_MSG_REQUEST_SUCCESS, SSH_MSG_CHANNEL_OPEN, and
SSH_MSG_CHANNEL_OPEN_CONFIRMATION).

There's the liberal tradition in protocol implementation to allow random
garbage at the end of messages. This has its merit in some cases, but
in security protocols I tend to require that the protocol is adhered to
to the last bit.

Regards,
/Niels

-- 
Niels Möller. PGP-encrypted email is preferred. Keyid C0B98E26.
Internet email is subject to wholesale government surveillance.
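
The strict check discussed in this thread, as an added example (not code from OpenSSH, from either poster's implementation, or from the thread itself): a parser for the SSH_MSG_SERVICE_ACCEPT payload, laid out per RFC 4253 as a message byte followed by one string, that rejects any bytes after the service name. The function name, the result codes and the sample payloads are hypothetical and constructed for illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define SSH_MSG_SERVICE_ACCEPT 6 /* message number from RFC 4253 */

enum parse_result { PARSE_OK, PARSE_TRUNCATED, PARSE_WRONG_TYPE,
                    PARSE_WRONG_SERVICE, PARSE_TRAILING_DATA };

/* Constructed sample payloads: an exact message, and one with 4 extra bytes. */
static const uint8_t sample_ok[] = { 6, 0, 0, 0, 12,
    's','s','h','-','u','s','e','r','a','u','t','h' };
static const uint8_t sample_extra[] = { 6, 0, 0, 0, 12,
    's','s','h','-','u','s','e','r','a','u','t','h', 0, 0, 0, 0 };

/* Parse a decrypted payload: byte type, then string service name
 * (uint32 big-endian length + bytes). `expected` is the service the
 * client asked for. Hypothetical helper, not a real library API. */
enum parse_result
parse_service_accept(const uint8_t *p, size_t len, const char *expected)
{
    size_t name_len, exp_len = strlen(expected);

    if (len < 1) return PARSE_TRUNCATED;
    if (p[0] != SSH_MSG_SERVICE_ACCEPT) return PARSE_WRONG_TYPE;
    if (len < 5) return PARSE_TRUNCATED;
    name_len = ((size_t)p[1] << 24) | ((size_t)p[2] << 16) |
               ((size_t)p[3] << 8) | (size_t)p[4];
    /* Compare against the bytes remaining; 5 + name_len could wrap. */
    if (name_len > len - 5) return PARSE_TRUNCATED;
    if (name_len != exp_len || memcmp(p + 5, expected, exp_len) != 0)
        return PARSE_WRONG_SERVICE;
    /* The strict step: nothing may follow the one defined field. */
    if (len - 5 - name_len != 0) return PARSE_TRAILING_DATA;
    return PARSE_OK;
}

int main(void)
{
    printf("exact message: %d\n", parse_service_accept(
        sample_ok, sizeof sample_ok, "ssh-userauth"));
    printf("with trailing bytes: %d\n", parse_service_accept(
        sample_extra, sizeof sample_extra, "ssh-userauth"));
    return 0;
}
```

A lenient parser would return success at the service-name comparison and never look at the remaining length; the final length check is the whole difference between the two behaviours.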


