North American Network Operators Group Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical Re: Access to the Internic Blocked
In message <[email protected]>, Avi Freedman writes: > > Who said one time passwords were secure. Kerberos mutual > > authentication with encrypted payload is my choice. Some people > > prefer SSL. AFS is nice if you can afford it. Skey just doesn't cut > > it. Skey is only slightly better than passwords in the clear. > > If you don't care that people see your mail or administrative docs, and > if everything you do locally is skeyed, why do you feel that s/key is > so useless? > > > Curtis > > Just curious, > > Avi If someone decides to be destructive you don't want to have to go around cleaning up lots of systems. You also don't want to be the place hackers launch their attacks from if you are very well connected. If you are web hosting its nice to know the content will remain intact (there is a tradeoff here between inconvenience to your customers and encryption based security). There are lots of reasons for strong security. Or are you asking what the hole is in skey? If so, we'll talk at the nanog meeting. Curtis - - - - - - - - - - - - - - - - -
|