Text File | 2000-06-02 | 2KB | 44 lines
Archived from http://marc.theaimsgroup.com/?l=secure-shell&m=94279273425043&w=2
List: secure-shell
Subject: OpenSSH and SSHv2
From: "Robert O'Callahan" <roc+@cs.cmu.edu>
Date: 1999-11-16 21:34:46
Niels Provos wrote:
> At the moment it is fairly unlikely that 2.0 will ever be supported.
> 2.0 is a very complicated protocol that is not in wide use. It will be
> easier to roll out another protocol version that only includes the
> necessary cryptographic fixes, like a cryptographically strong hash
> for integrity.
I agree that 2.0 is overdesigned and I sympathise with your statements.
However, there are some real issues with 1.x:
- no way to do real flow control on forwarded connections
- no clean way to do connection forwarding without an interactive session
- can't enforce password changing at login
- need to fix algorithms --- hashing, and would be nice to support AES
eventually
- when the RSA patent expires, will that be enough to fully unencumber
SSH? I fear RSA lawyers.
- support for using people's existing PKI (OpenPGP etc)
Over time, I suspect these will drive SSHv2 adoption (or something
equivalent --- IPSEC?).
At the least, I trust there will be careful thought and debate before
anyone forks off a new protocol.
Rob
--
[Robert O'Callahan http://www.cs.cmu.edu/~roc 6th year CMU CS PhD student
"I have seen the burden God has laid on men. He has made everything
beautiful in its time. He has also set eternity in the hearts of men; yet
they cannot fathom what God has done from beginning to end."
--- Ecclesiastes 3:10-11]