On Thu, 11 Feb 1999, Greg A. Woods wrote:
> If you're using SSH or any other host-based network security package
> then you *ARE* trusting the remote client hosts regardless of what you
> may think and regardless of the type or style or implementation of
> authentication that you use with SSH. Period. There are no "ifs ands
> or buts" here.
Yes, this is not what I am arguing; the fact is that trust at one time
does not imply continuing trust. Any security system worth the name is
able to handle losing trust in a previously trusted system. A good
security system handles losing trust while a connection is active by
limiting the effects of such a compromise in time.
An example of such a system is one which requires authentication of _all_
your actions through a trusted device. This in effect moves the terminal
client to the trusted device. A sliding scale which offers larger and
larger windows of attack and also more potential damage to the system
exists as each authorization is valid for more operations and longer
timespans. Of course, this depends entirely on an effective in-depth
security system which is not common. For practical purposes on current
OSes which have a security model akin to the one Unix uses this method is
not feasible.
The main point in favour of OTPs is automatic revocation. _This_ is why I
want OTP support in ssh. The clients are trusted - for now. Perhaps they
won't be tomorrow. OTP hardware solves this nicely.
> You have *NO* idea what you're talking about.
Well, actually this is getting to be my impression of you...
Peter
--
Peter Svensson ! PGP key available by finger, fingerprint:
! 8A E9 20 98 C1 FF 43 E3 07 FD B9 0A 80 72 70 AF
------------------------------------------------------------------------
Remember, Luke, your source will be with you... always...