IETF-SSH archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

Re: [Curdle] Client-side SSH_MSG_EXT_INFO: Use it or lose it principle!



>> Without "global-requests-ok", the server needs a database of client version$

It seems to me that mollycodding broken implementations only leads to
more broken implementations.

If you really want to improve the ssh-implementation ecosystem, the
right thing, I believe, is to just send the global request anyway.
Peers that crash in response are broken and deserve to crash.

Providing an option to disable the extension requests, so that people
who want to interoperate with a broken implementation can, might make
sense (moussh does this) but I strongly believe that the default should
be to send the request, both to fully support non-broken
implementations and to render broken implementations *obviously* broken
(moussh does this too).

Of course, this is coming from a non-commercial point of view, that has
no hesitation calling a broken implementation broken.

There is a good case study, in the form of SMTP, for what happens if
you try to be "kind" to broken implementations: you end up with no end
of brokenness getting worked around forever.

/~\ The ASCII				  Mouse
\ / Ribbon Campaign
 X  Against HTML		mouse%rodents-montreal.org@localhost
/ \ Email!	     7D C8 61 52 5D E7 2D 39  4E F1 31 3E E8 B3 27 4B



Home | Main Index | Thread Index | Old Index