Re: Fixing exchange of host keys in the SSH key exchange

[Peter Gutmann <pgut001%cs.auckland.ac.nz@localhost>]

denis bider (Bitvise) <ietf-ssh3%denisbider.com@localhost> writes:

>For the most recent example, an older version of a popular library used to
>have the "maximum channel packet size" concept completely borked up. For a
>channel opened by the remote party, this library would overwrite its own
>maximum packet size with the remote one. This caused at least two different
>kinds of session-ending problems to arise.

It seems like every implementer has stories like this, but no-one can really
mention them in public because you don't want to embarrass a particular
vendor... would there be any interest in having a private list of email
addresses of people to exchange information like this with?  That way we could
compare notes on necessary fixes that otherwise would need to be rediscovered
for each new implementation.

Peter.