1994-03-02 - Re: low-overhead encrypted telnet

Header Data

From: Jim McCoy <mccoy@ccwf.cc.utexas.edu>
To: adam@bwh.harvard.edu (Adam Shostack)
Message Hash: 0e76b57f6878062b6ad3385e6ccb9a20da8ae6f17cf2c109b6e1e5c306e31606
Message ID: <199403021755.AA00466@tramp.cc.utexas.edu>
Reply To: <199403021514.KAA03435@duke.bwh.harvard.edu>
UTC Datetime: 1994-03-02 17:55:45 UTC
Raw Date: Wed, 2 Mar 94 09:55:45 PST

Raw message

From: Jim McCoy <mccoy@ccwf.cc.utexas.edu>
Date: Wed, 2 Mar 94 09:55:45 PST
To: adam@bwh.harvard.edu (Adam Shostack)
Subject: Re: low-overhead encrypted telnet
In-Reply-To: <199403021514.KAA03435@duke.bwh.harvard.edu>
Message-ID: <199403021755.AA00466@tramp.cc.utexas.edu>
MIME-Version: 1.0
Content-Type: text/plain

Adam Shostack <adam@bwh.harvard.edu> writes:
> 	A general framework, based on public key encryption would be a
> far more flexible, powerful and useful tool for generating security on
> the net than simply securing TELNET.

I sincerely doubt that such a system would be designed or implemented
before the turn of the century.  All one needs to do is take a look at the
PEM key certification authority clusterfuck to see just how difficult it
can be to implment something like this.

The additional benefits that adding encryption to telnet offer is that the
telnet protocol is used in more areas than telnet.  Many programs and
protocols use the telnet system for control channels and other bits so that
a significant change to telnet can have ramifications beyond just the
obvious ones...