Date:      Sat, 1 Jan 2000 23:57:44 -0500
From:      Dan Moschuk <dan@FreeBSD.ORG>
To:        Brian Fundakowski Feldman <green@FreeBSD.ORG>
Cc:        freebsd-security@FreeBSD.ORG
Subject:   Re: OpenSSH protocol 1.6 proposal
Message-ID:  <20000101235744.A1550@spirit.jaded.net>
In-Reply-To: <Pine.BSF.4.10.10001012320220.10515-100000@green.dyndns.org>; from green@FreeBSD.ORG on Sat, Jan 01, 2000 at 11:24:13PM -0500
References:  <20000101214442.A1127@spirit.jaded.net> <Pine.BSF.4.10.10001012320220.10515-100000@green.dyndns.org>


| > Forgive my ignorance of the SSH protocol, but what would happen if two
| > projects forked the OpenSSH code and also bumped the minor version number
| > up with their own expansions and modifications?  
| 
| They'd make sure that they were compatible with each other :)  Really, I
| think the same thing will be adopted by both sides, but it would need
| people who can cooperate.  Alfred and I have already confirmed that
| it's not possible to work with theo; markus, on the other hand, seems
| to just be ignoring us.

You can't simply assume that this will be the case.  If Project X decides to
implement the same security check but with a different hash (say MD5) and 
update their minor version to 1.6, you have two incompatible versions.

As I mentioned, I'm fairly ignorant of the SSH protocol, but is it not an
RFC-defined protocol now?   If so, it may not be a good idea to tinker with
version numbers.  Perhaps include a new cipher (like idea+sha1 and so on), that
way if the other end doesn't support it, we can fall back to idea with the 
regular CRC checks.

|    I really think the code fork is necessary because OpenBSD (Theo)
| simply will not listen to reason and correct his code.  It's fighting
| an uphill battle when you have to keep fixing code that someone else
| keeps breaking.  Yes, we have pointed out specific bugs, and only
| gotten flames in return.  You can't have collaboration without
| communication, and communication with the one who's "in charge" is
| pointless.

I have no problems forking the code branch as long as the other projects see
what we are doing and vice versa.  It would be nice if we could keep the
development teams together though.

-- 
Dan Moschuk (TFreak!dan@freebsd.org)
"But time turned a new page, blank for the best."


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message
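
A simplified model of the argument in the message above, added as an illustration and not part of the original e-mail or of any OpenSSH code: two forks that both call themselves 1.6 but attach different integrity checks to that number disagree silently, while negotiating by named suite lands both on the common baseline. The `Peer` class, both `negotiate_*` functions and the suite names (including `idea+md5` and `idea+crc32`) are hypothetical, and this is not the SSH wire format.

```python
from dataclasses import dataclass

# Hypothetical label for "idea with the regular CRC checks".
BASELINE = "idea+crc32"

@dataclass(frozen=True)
class Peer:
    name: str
    version: str          # announced protocol version, e.g. "1.5" or "1.6"
    version_implies: str  # integrity scheme this code base ties to that version
    suites: tuple         # named suites it supports, in preference order

def negotiate_by_version(a, b):
    """Infer the integrity check from the version number alone."""
    if a.version != b.version:
        # Differing numbers: both sides drop to the older behaviour.
        return ("fallback", BASELINE)
    if a.version_implies == b.version_implies:
        return ("ok", a.version_implies)
    # Same number, different meaning: neither side can tell from the banner.
    return ("mismatch", f"{a.version_implies} vs {b.version_implies}")

def negotiate_by_name(client, server):
    """Pick the client's most preferred suite that the server also lists."""
    for suite in client.suites:
        if suite in server.suites:
            return ("ok", suite)
    return ("fail", None)

# Constructed sample peers.
FORK_A = Peer("fork A", "1.6", "idea+sha1", ("idea+sha1", BASELINE))
FORK_B = Peer("fork B", "1.6", "idea+md5", ("idea+md5", BASELINE))
LEGACY = Peer("1.5 peer", "1.5", BASELINE, (BASELINE,))

if __name__ == "__main__":
    for c, s in [(FORK_A, FORK_B), (FORK_A, FORK_A), (FORK_A, LEGACY)]:
        print(f"{c.name} -> {s.name}: by version {negotiate_by_version(c, s)}, "
              f"by name {negotiate_by_name(c, s)}")
```

A fallback of this kind is only as trustworthy as the negotiation itself: unless the suite lists are integrity-protected, the weaker suite is the one a party on the path can force.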