Site Navigation

Date:      Sat, 14 Aug 1999 11:35:09 -0700
From:      Nick Sayer <nsayer@quack.kfu.com>
To:        Kris Kennaway <kris@hub.freebsd.org>
Cc:        freebsd-hackers@freebsd.org
Subject:   Re: Whither makefiles for src/crypto/telnet/* ?
Message-ID:  <37B5B6DD.A2A2448B@quack.kfu.com>
References:  <Pine.BSF.4.10.9908141059190.78768-100000@hub.freebsd.org>

---

index | next in thread | previous in thread | raw e-mail

---

[-- Attachment #1 --]
Kris Kennaway wrote:
> 
> On Fri, 13 Aug 1999, Dave Walton wrote:
> 
> > If you really want to work on an encrypted telnet, check out The
> > Stanford SRP Authentication Project (http://srp.stanford.edu/srp/).
> > I'd love to see SRP integrated into the FreeBSD telnet/telnetd.
> 
> I got started on this, to the extent of storing the SRP data in the passwd
> file as an additional password crypt() method

That will be incompatible with folks who, for example, use the old
style passwords in a YP map in order to be compatible with other
platforms
in the same domain.

As long as you require a shared secret there will be either extra
overhead
to maintain it (in a separate password database) or an exclusion of some
platforms because of inabilities to generate the shared secret (because
they have different crypt()s than we do).

Not requiring a shared secret allows monkey-in-the-middle. But the goal
here is to do better than nothing at all while not adding any
administrative
overhead. If you add overhead, people won't use it. SRA is a compromise
between security and ease of use. "Compromise" is not a four letter
word.
[-- Attachment #2 --]
0�
�	*�H��

��
�0�
�

10	+0	*�H��


��30��0�f�
=��ޅG�
����
0
	*�H��


0��10U
VeriSign, Inc.10UVeriSign Trust Network1F0DU=www.verisign.com/repository/RPA Incorp. By Ref.,LIAB.LTD(c)981H0FU?VeriSign Class 1 CA Individual Subscriber-Persona Not Validated0
990621000000Z
000620235959Z0�
10U
VeriSign, Inc.10UVeriSign Trust Network1F0DU=www.verisign.com/repository/RPA Incorp. by Ref.,LIAB.LTD(c)9810UPersona Not Validated1301U*Digital ID Class 1 - Netscape Full Service10UNicholas W. Sayer1#0!	*�H��

	
nsayer@quack.kfu.com0��0
	*�H��



��0��������u�S��Dp0<��Ԓ��Q��XQ�����\�A�3�
w�Ғcv����Sp���皞���X@�1�Q�j��>D�س9M']�ٻF\��B��в��
:��{	8c���ıPl
�o��

��
�0�
�0	U00��U ��0��0��`�H
��E


0��0(+

https://www.verisign.com/CPS0b+
0V0VeriSign, Inc.0

=VeriSign's CPS incorp. by reference liab. ltd. (c)97 VeriSign0	`�H
��B

�0��
`�H
��E
xvd4652bd63f2047029298763c9d2f275069c7359bed1b059da75bc4bc9701747da5d3f2141beac23ec2fd820bab6df5d711499fa1bc44f5f3ea450c03U,0*0(�&�$�"http://crl.verisign.com/class1.crl0
	*�H��


��Pʿ������C7��9�ەCɓ�g��Jg�vb���y�N�9����.��KLwA�h��~�)��������]���fV��5�������O�,c=��r͈j
O9YQ�@�*81x�����0��smr0�.0���
�v.�=}��%]��
u0
	*�H��


0_10	UUS10U
VeriSign, Inc.1705U.Class 1 Public Primary Certification Authority0
980512000000Z
080512235959Z0��10U
VeriSign, Inc.10UVeriSign Trust Network1F0DU=www.verisign.com/repository/RPA Incorp. By Ref.,LIAB.LTD(c)981H0FU?VeriSign Class 1 CA Individual Subscriber-Persona Not Validated0��0
	*�H��



��0�����ZD��U�z�-�Ox6�
J�o�T���w*���h���1Apz�K�HV-��B�����D\�B���/��;���'
]��6B3�nT�O�J��������ƚ�j$����e���~���7j�J�	�

�|0z0	`�H
��B


0GU @0>0<`�H
��E


0-0++

www.verisign.com/repository/RPA0U0

�
0U
0
	*�H��


����7;�ڔ7����
q�jm/����d8���[�j�I����}g�-,ݚB��>������V*�3Ǿ�SLý����IBc�¦]XI<�\U�e � �_������Xj��<������n1�<0�8

0��0��10U
VeriSign, Inc.10UVeriSign Trust Network1F0DU=www.verisign.com/repository/RPA Incorp. By Ref.,LIAB.LTD(c)981H0FU?VeriSign Class 1 CA Individual Subscriber-Persona Not Validated=��ޅG�
����
0	+���0	*�H��

	1	*�H��


0	*�H��

	1
990814183511Z0#	*�H��

	1Q����X�&�Zr�ج��0R	*�H��

	1E0C0
*�H��
0*�H��
�0+0
*�H��

@0
*�H��

(0
	*�H��



��cYNu
�������.����2nH��%#@]	y��M�]�Of#��q[�r�Fq�A&��`�gq���
|�k
|����~4�[��1'X�!F�m��բ�i��A{�����$����(�B��|S!#M�PJ+�

home | help

---

Want to link to this message? Use this
URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?37B5B6DD.A2A2448B>

Legal Notices | © 1995-2026 The FreeBSD Project. All rights reserved.

Contact