1992-10-28 - D-H telnet protocol

Header Data

From: pmetzger@shearson.com (Perry E. Metzger)
To: gnu@cygnus.com
Message Hash: 29ac1f104c220261d26e5f49f7ec33a8b3ef685752880c3fb0dc3b4c1d71aca1
Message ID: <9210280519.AA17075@newsu.shearson.com>
Reply To: <9210280200.AA24003@cygnus.com>
UTC Datetime: 1992-10-28 05:34:58 UTC
Raw Date: Tue, 27 Oct 92 22:34:58 PPE

Raw message

From: pmetzger@shearson.com (Perry E. Metzger)
Date: Tue, 27 Oct 92 22:34:58 PPE
To: gnu@cygnus.com
Subject: D-H telnet protocol
In-Reply-To: <9210280200.AA24003@cygnus.com>
Message-ID: <9210280519.AA17075@newsu.shearson.com>
MIME-Version: 1.0
Content-Type: text/plain


>From: gnu@cygnus.com

>As I said before, you're free to take what I come up with and add
>authentication.  But stop berating me in public for doing something
>to further the use of cryptography.

I'm not berating. I'm just suggesting.

I understand your reasoning about not wanting users to need to do any
administration, and I also understand your desire to do something good
for the crypto community. I will not argue that its a bad thing. The
only provisio I make is that it is SO easy to spoof exponential key
exchange that I'd argue that providing authentication is crucial if
people aren't going to be lulled into a false sense of security.

Perry






Thread