begin Noel L Yap quotation:
> Can you point me to a site describing the structural weaknesses of SSH1?
I don't know of any as such.
Diane Yi of the Beckman Institute had some slides that compare the
protocols:
http://www.beckman.uiuc.edu/biss/security/workshops/2000-02/tsld001.htm
SSH1 is somewhat vulnerable to man-in-the-middle attacks during the
initial server-key exchange between two hosts. (And there's nothing
like PKI.)
The SSH FAQ mentions some differences briefly, and lists the supported
ciphers, but doesn't get into details. Others have been rehashed
many times in prior list threads. You might want to search the
archives.
--
Cheers, "Censeo Toto nos in Kansa esse decisse."
Rick Moen -- D. Gale
rick (at) linuxmafia.com
