Re: Packages to remove from frozen

2000-03-09 Thread Jacob Kuntz
isn't the problem here that the server is misrepresenting itself? a one bit difference may not make a less secure key, but it could quite possibly be an indication of some deception. i worry that altering the client to ignore this type of error will only open us up to attack, be it

Re: Packages to remove from frozen

2000-03-09 Thread Paul Slootman
On Thu 09 Mar 2000, Jacob Kuntz wrote: isn't the problem here that the server is misrepresenting itself? a one bit difference may not make a less secure key, but it could quite possibly be an indication of some deception. i worry that altering the client to ignore this type of error will only

Re: Packages to remove from frozen

2000-03-08 Thread Branden Robinson
On Tue, Mar 07, 2000 at 11:26:12PM -0500, Michael Stone wrote: How is it right to spit out an error message on every connection that adds nothing to most people's use of the product? Especially when there exists a verbose mode for people who want lots of gory details about the efficacy of

Re: Packages to remove from frozen

2000-03-08 Thread Nathan E Norman
On Tue, Mar 07, 2000 at 11:26:12PM -0500, Michael Stone wrote: On Tue, Mar 07, 2000 at 03:13:36PM -0800, Joey Hess wrote: Michael Stone wrote: Not very backward-compatible, is it? In some environments it's desirable to have the software behave the same on every platform; even if it's

Re: Packages to remove from frozen

2000-03-08 Thread Michael Stone
On Wed, Mar 08, 2000 at 08:56:34AM -0600, Nathan E Norman wrote: Eh, well, it is correct[1] behavior to toss out an error message in this case since it's notifying you of a *security* problem. In fact, it's telling you that the server key is half as secure as the server claims it is. But you

Re: Packages to remove from frozen

2000-03-08 Thread Michael Stone
On Wed, Mar 08, 2000 at 09:18:06AM -0500, Branden Robinson wrote: Use the Source, Luke. Quit whining and start coding. Why? On hosts where this is an issue, f-secure's ssh does the job just fine. (Not to mention that I don't live in a free country and can't work on ssh...) -- Mike Stone

Re: Packages to remove from frozen

2000-03-08 Thread Junichi Uekawa
In Wed, 8 Mar 2000 11:10:11 -0500, de profundis Michael Stone cum veritas scribat: Are you really convinced that the security of a 1023 bit key is so much worse than the security of a 1024 bit key that any amount of effort necessary to transition to a new

Re: Packages to remove from frozen

2000-03-08 Thread Ben Armstrong
On Thu, 9 Mar 2000, Junichi Uekawa wrote: Isn't it that to decrypt 1024 key takes double the amount of CPU time than decrypting 1023 key, as long as there is no other method than brute-force method of trying every combination. IMO It is a serious security issue, when the system is half as