From owner-freebsd-security  Mon Jan  3 14:49:45 2000
Delivered-To: freebsd-security@freebsd.org
Received: from folly.informatik.uni-erlangen.de (nbgdi4-145-253-132-004.arcor-ip.net [145.253.132.4])
	by hub.freebsd.org (Postfix) with ESMTP
	id A016C14C2B; Mon,  3 Jan 2000 14:49:41 -0800 (PST)
	(envelope-from markus.friedl@informatik.uni-erlangen.de)
Received: by folly.informatik.uni-erlangen.de (Postfix, from userid 31451)
	id E8714B7F; Mon,  3 Jan 2000 23:49:31 +0100 (CET)
Date: Mon, 3 Jan 2000 23:49:30 +0100
From: Markus Friedl <markus.friedl@informatik.uni-erlangen.de>
To: David Rankin <drankin@bohemians.lexington.ky.us>
Cc: Brian Fundakowski Feldman <green@FreeBSD.org>,
	"Michael H. Warfield" <mhw@wittsend.com>,
	Dug Song <dugsong@monkey.org>, security@FreeBSD.org,
	openssh-unix-dev@mindrot.org
Subject: Re: OpenSSH protocol 1.6 proposal
Message-ID: <20000103234930.A10240@folly.informatik.uni-erlangen.de>
References: <20000102151208.A21548@folly.informatik.uni-erlangen.de> <Pine.BSF.4.10.10001021441330.8076-100000@green.dyndns.org> <20000103092733.B3780@rumpole.bohemians.lexington.ky.us>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
X-Mailer: Mutt 0.95.7i
In-Reply-To: <20000103092733.B3780@rumpole.bohemians.lexington.ky.us>
Sender: owner-freebsd-security@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.org

I hope this is my last mail on this subject.  All this discussion
about SSH2 misses the fact that we are talking about a security
product, so 'features' should not be overrated.

Especially for ssh it should be remembered that "complexity is the
enemy".  You almost get my SSH1.6 for free.  The patches consist
of minor modifications that are supposed to makes SSH1 much more
secure.  Compare the code size of OpenSSH (~ 20.000 lines) with the
code size of ssh-2.0.1x (~ 100.000 lines), an incarnation of SSH2.
Do secure protocols leed to secure implementations?

Security is also about trust.  SSH1 is old, stable, venerable,
widely used, reviewed and testetd.  Thus it consists of trusted
code.  Minor modifications, e.g. SSH1.6, should not reduce trust.
But what happens with major modifications, i.e. SSH2?  Can you still
trust the code?  Or can you trust an entirely new implementation
of a complex protocol?

Wrt 'features': SSH1 has some support for challenge/response
authentication, OpenSSH does s/key within the SSH1 framework.

Wrt OpenSSH 2: I don't think we need a special mailing-list.  If
you know of the internals of OpenSSH and/or the SecSH-drafts and
want to help implement SSH2, send private mail to me and I'll share
my code fragements.  But it's too soon for publication.

If you want an implementation that does not use the old code: LSH
speaks SSH2.

cheers, -markus


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message