From owner-freebsd-security@FreeBSD.ORG Tue Jun 26 03:14:48 2012 Return-Path: Delivered-To: freebsd-security@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 3F8D0106564A for ; Tue, 26 Jun 2012 03:14:48 +0000 (UTC) (envelope-from rwmaillists@googlemail.com) Received: from mail-we0-f182.google.com (mail-we0-f182.google.com [74.125.82.182]) by mx1.freebsd.org (Postfix) with ESMTP id B5EF38FC15 for ; Tue, 26 Jun 2012 03:14:47 +0000 (UTC) Received: by werg1 with SMTP id g1so4221737wer.13 for ; Mon, 25 Jun 2012 20:14:46 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=googlemail.com; s=20120113; h=date:from:to:subject:message-id:in-reply-to:references:x-mailer :mime-version:content-type:content-transfer-encoding; bh=I9tXSeRspx+4Fr80pkmXylC7RvxylBu4SmISwsn6Oi8=; b=BllJsB0f2lG7A4BIczzXmIeaeeyYkbVA/hBq1MPptxpOQF7/CfO0i4Sa/HEyQjZ3e5 EeBUA+y+BheKXWKBu1gyFxZRw4W/oCmaoSSiLBgoXNF5lTuPfUS5NU86xdUHuz1cOdv7 RMiLRsQKDZ0G0KCpXNfM9PoGrBvuAaxFw31rm7O1GQtsYSUQsYxW2IncE1GAAkzrh1v4 S5PbHYq+CUIut9tEUww/mikn5h8DWzmh8ViC+kJ6MiK2whbDfd8yoHAoHSbG5+G/KeMM 1wOb3k1LJN3rhhZQvALKda7LKlVN/wT96pDmwxlTjtDvilGOvqEUm8eSATO67qaG4cMs UeYQ== Received: by 10.180.102.9 with SMTP id fk9mr3917790wib.1.1340680484166; Mon, 25 Jun 2012 20:14:44 -0700 (PDT) Received: from gumby.homeunix.com (87-194-105-247.bethere.co.uk. [87.194.105.247]) by mx.google.com with ESMTPS id z8sm3169951wiy.1.2012.06.25.20.14.41 (version=SSLv3 cipher=OTHER); Mon, 25 Jun 2012 20:14:43 -0700 (PDT) Date: Tue, 26 Jun 2012 04:14:40 +0100 From: RW To: freebsd-security@freebsd.org Message-ID: <20120626041440.7ac5a517@gumby.homeunix.com> In-Reply-To: <4FE91C73.8040500@FreeBSD.org> References: <86zk7sxvc3.fsf@ds4.des.no> <20120625023104.2a0c7627@gumby.homeunix.com> <86pq8nxtjp.fsf@ds4.des.no> <20120625223807.4dbeb91d@gumby.homeunix.com> <4FE8DF29.50406@FreeBSD.org> <20120625235310.3eed966e@gumby.homeunix.com> <4FE8F814.5020906@FreeBSD.org> <20120626015323.02b7f348@gumby.homeunix.com> <4FE9094A.4080605@FreeBSD.org> <20120626024624.4c333bd2@gumby.homeunix.com> <4FE916AA.6050503@FreeBSD.org> <20457.6828.250844.390589@hergotha.csail.mit.edu> <4FE91C73.8040500@FreeBSD.org> X-Mailer: Claws Mail 3.8.0 (GTK+ 2.24.6; amd64-portbld-freebsd8.3) Mime-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit Subject: Re: Hardware potential to duplicate existing host keys... RSA DSA ECDSA was Add rc.conf variables... X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: "Security issues \[members-only posting\]" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 26 Jun 2012 03:14:48 -0000 On Mon, 25 Jun 2012 19:20:35 -0700 Doug Barton wrote: > For the zillionth time, my point is that being able to impersonate the > server is not going to get you anywhere for sessions *other* than the > ones that terminate at your fake-but-has-the-private-key host. It's actually the first time that anyone has mentioned other sessions, not the zillionth.