Re: Fixing exchange of host keys in the SSH key exchange

[Mouse <mouse%Rodents-Montreal.ORG@localhost>]

> Just thinking about this a bit more, we'd maybe need two things, a
> means of discussing quirks of other implementations, and an
> (informal) registry of SSH ID strings and who to contact if you find
> a problem with that ID, because that's been another problem, "I've
> found a bug with X, who do I report it to?".  Going through standard
> tech-support channels often doesn't work because you're not a
> customer and there's no obvious way to get past the front-end people
> to talk to a developer.

(Well, to be fair, _should_ they be interested in talking to a
non-customer?  Thirty years ago, most admins would have cared about the
problem for its own sake.  That, much as it pains me, is not today's
net.)

Yes, I would support - and participate in, provided it isn't done in a
way that ends up excluding me - such an effort.  There are a bunch of
other things that could be recorded about the various implementations,
such as what they support (not just crypto, as in the quendi.de list,
but other things as well).

It also might be interesting to do interop testing.  I know *I* would
be interested in interop tests - in both directions - with the various
other implementations.  There are a few things I know I don't support
and a bunch I'm fairly sure I do; I'd like to verify the support I
think I have in place, make sure I fail gracefully on the things I know
I don't do, and find out the status of anything in neither category.

/~\ The ASCII				  Mouse
\ / Ribbon Campaign
 X  Against HTML		mouse%rodents-montreal.org@localhost
/ \ Email!	     7D C8 61 52 5D E7 2D 39  4E F1 31 3E E8 B3 27 4B