From owner-freebsd-security Tue Feb 28 11:58:33 1995 Return-Path: security-owner Received: (from majordom@localhost) by freefall.cdrom.com (8.6.9/8.6.6) id LAA01014 for security-outgoing; Tue, 28 Feb 1995 11:58:33 -0800 Received: from sgiblab.sgi.com (sgiblab.SGI.COM [192.82.208.3]) by freefall.cdrom.com (8.6.9/8.6.6) with SMTP id LAA00962; Tue, 28 Feb 1995 11:58:08 -0800 Received: from idiom.com by sgiblab.sgi.com via SMTP (920330.SGI/911001.SGI) id AA19907; Tue, 28 Feb 95 02:24:38 -0800 Received: (from muir@localhost) by idiom.com (8.6.10/8.6.10) id CAA11885; Tue, 28 Feb 1995 02:19:35 -0800 Date: Tue, 28 Feb 1995 02:19:35 -0800 From: David Muir Sharnoff Message-Id: <199502281019.CAA11885@idiom.com> To: hackers@freefall.cdrom.com, security@freefall.cdrom.com Subject: Re: key exchange for rlogin/telnet services? Sender: security-owner@FreeBSD.org Precedence: bulk S/Key works fairly well for the time being. It's not great, but the better D-H solution can't be used yet in the United States... So, how about we get some of our foriegn friends to make the D-H changes to rlogin/telnet (add a -s flag or something) and then set up defaults so that the D-H stuff is only used if: you're outside the US --- Jordan we'll need a config file or something it's after the expire data on the patent (sometime in 1997) I think it would be really cool if the day the patent ran out all the software automagically started doing the right thing. -Dave