1994-03-02 - Re: low-overhead encrypted telnet

Header Data

From: “Perry E. Metzger” <pmetzger@lehman.com>
To: smb@research.att.com
Message Hash: 28d561d768541c7cce96a7e46485f62f51132245fd3362388c3b5d292de0a247
Message ID: <9403021653.AA21794@andria.lehman.com>
Reply To: <199403021644.LAA09602@lehman.com>
UTC Datetime: 1994-03-02 16:53:43 UTC
Raw Date: Wed, 2 Mar 94 08:53:43 PST

Raw message

From: "Perry E. Metzger" <pmetzger@lehman.com>
Date: Wed, 2 Mar 94 08:53:43 PST
To: smb@research.att.com
Subject: Re: low-overhead encrypted telnet
In-Reply-To: <199403021644.LAA09602@lehman.com>
Message-ID: <9403021653.AA21794@andria.lehman.com>
MIME-Version: 1.0
Content-Type: text/plain



smb@research.att.com says:
> 	 Agreed -- sadly its arriving VERY slowly. 4.4BSD Lite comes with a
> 	 standards-compliant encrypted telnet implementation, however.
> 
> What standards?  There are no RFCs, nor any current drafts, that define
> a telnet encryption option.  The last draft I saw was from 1991, and
> Internet drafts expire after 6 months.  As I recall, the idea that was
> being pushed then was to integrate encryption more closely with
> authentication.

There are much more recent drafts, Steve -- the telnet authentication
option is now RFC1409, as of early last year, and the encryption draft
is dated April 1993 -- see the nearest internet drafts mirror for a
copy. Your recollection of the desire to merge authentication and
encryption is correct -- to my knowledge, the new Cray telnet is an
implementation of the currently circulated draft (which was also
written at Cray).

Perry






Thread