Date: Sun, 15 Aug 1999 15:55:20 -0700 (PDT) From: Kris Kennaway <kris@hub.freebsd.org> To: Dave Walton <walton@nordicrecords.com> Cc: nsayer@freebsd.org, freebsd-hackers@freebsd.org Subject: SRP (Was: Re: Whither makefiles for src/crypto/telnet/* ?) Message-ID: <Pine.BSF.4.10.9908151547310.45940-100000@hub.freebsd.org> In-Reply-To: <Pine.BSF.4.10.9908151519330.45940-100000@hub.freebsd.org>
next in thread | previous in thread | raw e-mail | index | archive | help
On Sun, 15 Aug 1999, Kris Kennaway wrote: > The only issue which (to my knowledge) has never been addressed anywhere > is the authentication protocol exchange between client and server and a > formalized API (PAM doesn't do this: it communicates between a server and > arbitrary backend, among other things, but doesn't specify the > client/server interaction). Ideally, things like SRP, SRA, CHAP, PAP, etc, > should be available as plugins to client/server apps, so we don't have to > make separate patches to telnet/telnetd, ftp/ftpd, etc, for all of the > authentication protocols-of-the-day. This would make a good RFC if one > does not already exist. RFC 2222, Simple Authentication and Security Layer (SASL) seems to cover this from my initial skimming. This would be the way to go for both SRP and SRA, IMO. There may already be RFCs describing the integration of telnet with SASL (although I couldn't find any). SASL doesn't specify the API as far as I can tell. We should look for existing efforts and try and standardize. Kris To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-hackers" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.BSF.4.10.9908151547310.45940-100000>