-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
In <[EMAIL PROTECTED]>, on
02/09/99
at 09:57 AM, Chris Newman <[EMAIL PROTECTED]> said:
>On Mon, 8 Feb 1999, Martin Forssen wrote:
>> I am not really sure that is a good idea since the conditions are quite
>> different. The draft mentioned above is quite concerned with protecting
>> the authentication data while on the wire whereas in ssh we already have a
>> secure channel when authenticating.
>Fair enough. I didn't say it should be identical, but it'd be a lot
>better if whatever mechanism is used in SSH can share the same format for
>the predigested password verifiers on the server end. FYI, there appears
>to be a good chance that DIGEST-MD5 will have OS support in Windows 2000.
>It's certainly nice to be able to use the OS password services rather
>than rolling your own.
Nothing personal but with M$'s track record when it comes to security the
last thing I would want to use it one of their OS's password services.
- --
- ---------------------------------------------------------------
William H. Geiger III http://www.openpgp.net
Geiger Consulting Cooking With Warp 4.0
Author of E-Secure - PGP Front End for MR/2 Ice
PGP & MR/2 the only way for secure e-mail.
OS/2 PGP 5.0 at: http://www.openpgp.net/pgp.html
Talk About PGP on IRC EFNet Channel: #pgp Nick: whgiii
- ---------------------------------------------------------------
Tag-O-Matic: He who laughs last uses OS/2.
-----BEGIN PGP SIGNATURE-----
Version: PGPfreeware 5.0i OS/2 for non-commercial use
Comment: Registered_User_E-Secure_v1.1b1_ES000000
Charset: cp850
wj8DBQE2wKlYlHpjA6A1ypsRAhmhAKCbKRCos3EEon31lbcDo3N3SLGBtACbBLD7
WPQM0fUMdVj8RRm9vYxVh6U=
=C9gC
-----END PGP SIGNATURE-----
