From owner-freebsd-security  Sat Jan  1 18:39:53 2000
Delivered-To: freebsd-security@freebsd.org
Received: from spirit.jaded.net (liv3-3.hamilton.idirect.com [209.161.208.3])
	by hub.freebsd.org (Postfix) with ESMTP
	id 4D5F314F3D; Sat,  1 Jan 2000 18:39:40 -0800 (PST)
	(envelope-from dan@spirit.jaded.net)
Received: (from dan@localhost)
	by spirit.jaded.net (8.9.3/8.9.3) id VAA01143;
	Sat, 1 Jan 2000 21:44:42 -0500 (EST)
Date: Sat, 1 Jan 2000 21:44:42 -0500
From: Dan Moschuk <dan@FreeBSD.ORG>
To: Brian Fundakowski Feldman <green@FreeBSD.ORG>
Cc: freebsd-security@FreeBSD.ORG
Subject: Re: OpenSSH protocol 1.6 proposal
Message-ID: <20000101214442.A1127@spirit.jaded.net>
References: <Pine.BSF.4.10.10001011324420.756-100000@green.dyndns.org>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
X-Mailer: Mutt 1.0i
In-Reply-To: <Pine.BSF.4.10.10001011324420.756-100000@green.dyndns.org>; from green@FreeBSD.ORG on Sat, Jan 01, 2000 at 01:49:22PM -0500
Sender: owner-freebsd-security@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.org


| Let me know what you all think!  I still haven't quite decided, but I
| think packets which fail the SHA-1 test should be silently dropped, or
| have a counter of them, rather than dropping the connection.  Currently,
| the connection is dropped and error messages displayed/transmitted.  I
| welcome input on that and all parts of this proposal :)

Hi Brian,

Forgive my ignorance of the SSH protocol, but what would happen if two
projects forked the OpenSSH code and also bumped the minor version number
up with their own expansions and modifications?  

-- 
Dan Moschuk (TFreak!dan@freebsd.org)
"No good deed goes unpunished."


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message