Dug has pointed out the prior and careful recap and analysis
on the theoretical kerberos based exploit by Tatu in the
Bugtraq archives. In like fashion, Tatu's elaboration on the
crc SSH v 1.5 weakness was (naturally) waiting further down in
my mail spool.
Please accept my sincere apology, Tatu; I was too quick to
speak as I did.
On Tue, 28 Mar 2000, herrold wrote:
> Tatu, you made like comments (not qualified to the kerberos
> aspect and now explicitly adding the OpenSSH project) two weeks ago,
... <snip> ...
-- R P Herrold
