1994-02-05 - CERT advisory
Header Data
From: hughes@ah.com (Eric Hughes)
To: cypherpunks@toad.com
Message Hash: 728812ac34fe2543811152df21265b91f5ca53d42479ffebe07d6d4fb6113e89
Message ID: <9402050055.AA22719@ah.com>
Reply To: <9402042327.AA43567@dcdmwm.fnal.gov>
UTC Datetime: 1994-02-05 00:59:57 UTC
Raw Date: Fri, 4 Feb 94 16:59:57 PST
Raw message
From: hughes@ah.com (Eric Hughes)
Date: Fri, 4 Feb 94 16:59:57 PST
To: cypherpunks@toad.com
Subject: CERT advisory
In-Reply-To: <9402042327.AA43567@dcdmwm.fnal.gov>
Message-ID: <9402050055.AA22719@ah.com>
MIME-Version: 1.0
Content-Type: text/plain
>The big issue, in my mind, is how the ftpd is going to get the key
>to unlock the *system's* private key... Do you compile it into the
>code? Should ftpd ask for it when it comes up?
Since active interception is not nearly so easy as passive listening,
it would be appropriate to use a Diffie-Hellman key exchange in this
situation. This protocol has no persistent private keys, so the issue
of keeping a private key around securely is not an issue.
Eric
Thread
Return to February 1994
- Return to ““Alan (Miburi-san) Wexelblat” <wex@media.mit.edu>”
- Return to “Brad Huntting <huntting@glarp.com>”
- Return to “hughes@ah.com (Eric Hughes)”
- Return to “Marc W. Mengel <mengel@dcdmwm.fnal.gov>”
Return to “rcain@netcom.com (Robert Cain)”
- 1994-02-04 (Fri, 4 Feb 94 10:29:52 PST) - CERT advisory - “Alan (Miburi-san) Wexelblat” <wex@media.mit.edu>
- 1994-02-04 (Fri, 4 Feb 94 15:29:56 PST) - Re: CERT advisory - Marc W. Mengel <mengel@dcdmwm.fnal.gov>
- 1994-02-05 (Fri, 4 Feb 94 16:19:57 PST) - Re: CERT advisory - Brad Huntting <huntting@glarp.com>
- 1994-02-05 (Fri, 4 Feb 94 16:59:57 PST) - CERT advisory - hughes@ah.com (Eric Hughes)
- 1994-02-05 (Sat, 5 Feb 94 11:45:41 PST) - Re: CERT advisory - rcain@netcom.com (Robert Cain)
- 1994-02-06 (Sat, 5 Feb 94 19:45:49 PST) - CERT advisory - hughes@ah.com (Eric Hughes)
- 1994-02-08 (Tue, 8 Feb 94 15:47:03 PST) - Re: CERT advisory - rcain@netcom.com (Robert Cain)
- 1994-02-06 (Sat, 5 Feb 94 19:45:49 PST) - CERT advisory - hughes@ah.com (Eric Hughes)
- 1994-02-05 (Sat, 5 Feb 94 11:45:41 PST) - Re: CERT advisory - rcain@netcom.com (Robert Cain)
- 1994-02-05 (Fri, 4 Feb 94 21:35:20 PST) - CERT advisory - “Alan (Miburi-san) Wexelblat” <wex@media.mit.edu>
- 1994-02-04 (Fri, 4 Feb 94 15:29:56 PST) - Re: CERT advisory - Marc W. Mengel <mengel@dcdmwm.fnal.gov>