James A. Donald wrote: > -- > From: Ben Laurie <[EMAIL PROTECTED]> > >>if the key changes in OpenSSH you can't connect until >>you take positive action by deleting the old key from >>the known_hosts file. This is totally different to >>accepting a new key. >> >>I will agree that something better than just showing >>you the key would be cool. Like maybe it could be >>signed by something so you can verify it that way. Oh, >>wait. That's PKI, and we all know PKI is broken. > > > But in what it is it broken?
I was being sarcastic. I don't believe PKI is inherently broken, unlike some. It does have limited uses, though. > Let us imagine that SSH had certified keys. Well, > certifying a key is bound to be complicated, and things > are bound to go wrong, and the name that you bind it to > is bound to be somewhat shifty. I don't see why that would happen all that much, and if it did then just certify with multiple hostnames. > You might bind the key > to ben.com, but then your host is ssh.ben.com. So > pretty soon users are frequently seeing error dialogs - > and so, pretty soon, are always clicking through them. Don't really buy this for what is, mostly, a protocol used by experts. > What is a true name is a deep and difficult question, > and one that people have little patience for when trying > to log in. We are overloaded with names, with the > result that true names are of limited value in > ascertaining true relationships. True names of hosts is not a deep problem. Indeed, it is even possible to discover rigorously (if painfully in extereme cases). Cheers, Ben. --------------------------------------------------------------------- The Cryptography Mailing List Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]