|
North American Network Operators Group Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical RE: RSA Patent Expired
[ On Wednesday, October 4, 2000 at 19:43:55 (-0400), Richard A. Steenbergen wrote: ] > Subject: RE: RSA Patent Expired > > I think you're confused, ssh1 is still a very valid protocol. It is well > tested and proven, and in many cases better implemented then ssh2 (though > of course that may change eventually). Don't confuse the desire to make > money with insecurity. It's not that the draft version of the SSH protocol is by design insecure, but rather that it is somewhat broken when faced with real-world requirements -- the design completely omits at least one very critial requirement! The fact that it works as well as it does is a testament both to the ingenuity of its implementors and to the relative reliability of the Internet as a whole. (That's not to slight the initial design as "poor" either -- it was a very ambitious undertaking and some things just had to wait until a proof of concept turned into an indispensable tool! I still use it primarily today and I am only now slowly beginning a transition to SSHv2.) -- Greg A. Woods +1 416 218-0098 VE3TCP <[email protected]> <robohack!woods> Planix, Inc. <[email protected]>; Secrets of the Weird <[email protected]>
|