Date: Sun, 26 Nov 2000 16:40:55 -0800 From: "Crist J . Clark" <cjclark@reflexnet.net> To: "Jeroen C. van Gelderen" <jeroen@vangelderen.org> Cc: Niels Provos <provos@citi.umich.edu>, Kris Kennaway <kris@FreeBSD.ORG>, "Brian F. Feldman" <green@FreeBSD.ORG>, security@FreeBSD.ORG Subject: Re: OpenSSH 2.3.0 pre-upgrade Message-ID: <20001126164055.K70192@149.211.6.64.reflexcom.com> In-Reply-To: <3A21954C.F9E9D25F@vangelderen.org>; from jeroen@vangelderen.org on Sun, Nov 26, 2000 at 06:57:16PM -0400 References: <20001126215625.21D89207C1@citi.umich.edu> <3A21954C.F9E9D25F@vangelderen.org>
next in thread | previous in thread | raw e-mail | index | archive | help
On Sun, Nov 26, 2000 at 06:57:16PM -0400, Jeroen C. van Gelderen wrote: > Hi Niels, > > Niels Provos wrote: > > > > Hi, > > > > Jeroen C. van Gelderen wrote: > > >You happen to know who came up with the non-standard > > >extension to the SSH2 protocol that allows these primes > > >to be used?? > > The key exchange is documented in > > > > Diffie-Hellman Group Exchange for the SSH Transport Layer Protocol > > draft-provos-secsh-dh-group-exchange-00.txt > > > > All rationale is contained within. > > Ah! Thanks for the reference. You might want to publish > a refence to it (and the other I-D/RFCs) on openssh.com. > > I do like the idea behind this new SSH2 key exchange but > I have a question: how does the client detect cooked primes? Why would a client need to? You already place trust in the server; it can obviously decrypt what you send to it. If someone wants to eavesdrop and has compromised the server, there are much, much easier ways for them to do so than slip in "cooked primes." -- Crist J. Clark cjclark@alum.mit.edu To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20001126164055.K70192>