Kermit 95 Secure Trial Version Announcement

From: fdc@watsun.cc.columbia.edu (Frank da Cruz)
Newsgroups: comp.protocols.kermit.misc
Subject: Secure version of K95 now downloadable
Date: 21 Sep 2001 19:34:37 GMT
Organization: Columbia University

Wednesday we announced a downloadable trial version of Kermit 95 1.1.20. With the increasing importance of network security, we have decided to also make the secure version available to everyone who is allowed by USA export laws to have it, namely citizens and permanent residents of the USA and citizens of Canada, who are in the USA or Canada, for use only in the USA and Canada. Don't blame us for law.

This version of Kermit 95 runs on Windows 95, 98, ME, NT, 2000, and XP on Intel platforms only. It supports the following security methods:

MIT Kerberos IV
MIT Kerberos V
Secure Sockets Layer / Transport Layer Security (SSL/TSL)
Stanford Secure Remote Password (SRP)

All of these are IETF-approved forms of Internet security that are specified in RFCs and in use at major universities, corporations, government agencies, and other large organizations. This is not do-it-yourself public key security; it's serious centrally managed security requiring a professional network/systems security staff and secure authentication database.

You can use the security features of Kermit 95 if you are an authorized user of a host that supports at least one of the security methods listed. A fair amount of configuration is needed to make Kermit 95 select the appropriate method and use the parameters relevant to your site, but all the tools are provided. Configuration and setup is documented in:

  http://www.columbia.edu/kermit/security.html

This download is intended mainly for central-site technical staff to evaluate Kermit 95 for use within their organization. End-users can not use it to obtain secure connections in isolation: a secure connection requires compatible security methods on both ends.

"Why bother with complicated security methods when SSH is so much simpler?": THE MORE SIMPLE, THE LESS SECURE. If you recognize that any security scheme can be compromised, you also know how important it is to be able to recover from compromised security keys, e.g. by revoking them. SSH public-key authorization implementations leave key files on the hard disk. Anybody who can steal your key file (not a big challenge on Windows 95/98/ME) can decrypt it offline at their leisure to obtain access to all your hosts. There is no way to revoke SSH keys other than for the affected user to log in manually to every host and generate new keys (which will not be possible of the identity thief has already changed them). With Kerberos and SRP, on the other hand, there are no key files on the disk to be stolen. If somebody manages to steal your Kerberos identity some other way (e.g. by guessing your pass phrase), it can be revoked centrally and the revocation applies immediately to ALL the hosts you access using Kerberos. It's the classic tradeoff: greater effort up front buys you more safety and less grief (and effort) down the road. And vice versa.
"All the hosts I need to access require SSH so even if it's a bad idea I still need it!": Yes, we know that. We will support SSH (v1 and v2) in the next Kermit 95 release, but we won't offer it up as a security panacea.

If you're a network/systems security professional, we invite you to download the secure K95 demo and try it out:

  http://www.columbia.edu/kermit/k95download.html

If you are a concerned end user, please pass this announcement along to your support staff, and point out the availability of low-cst K95 bulk and site licenses.

  http://www.columbia.edu/kermit/k95pricing.html

If you have questions or comments, feel free to send them to us at the regular address:

  kermit-support@columbia.edu

Thanks.

- Frank