Date: Wed, 21 Aug 1996 08:25:21 +0200 From: Mark Murray <mark@grondar.za> To: =?KOI8-R?Q?=E1=CE=C4=D2=C5=CA_=FE=C5=D2=CE=CF=D7?= (Andrey A. Chernov) <ache@nagual.ru> Cc: mark@grondar.za (Mark Murray), current@FreeBSD.org Subject: Re: Secure telnet duplicating: secure & eBones both... Message-ID: <199608210625.IAA28028@grumble.grondar.za>
next in thread | raw e-mail | index | archive | help
=?KOI8-R?Q?=E1=CE=C4=D2=C5=CA_=FE=C5=D2=CE=CF=D7?= wrote: > > Right now there is RSA and SPX, Neither of which work and neither of > > which are particularly standard (I speak under correction) as telnet > > authenticators/encryptors. > > I am aware that only Kerberos part is working now. > But, > > 1) What we plan to do when other parts will works in future > versions, move it back? > (it was my question from my first message, unanswered) No. Leave it where it is. There is no point in having three Telnets 1) insecure, 2) secure, no kerberos 3) secure, with kerberos. > 2) It can be build without Kerberos, encryption parts not > active in this case. But at least encryption protocol > negotiation still works. Are you sure? I am not. (Unless you are talking about the WILL/WONT bits) > And yet one my question, unanswered in all messages: > what are the reasons to move it? > As I guess, your logic is: if only Kerberos part works, > move it to eBones. In this case see my (1). Have a good look at how our telnet has been used since 2.0 came out. Our Telnet, although currently in the secure/ source area is actually part of the kerberos binary distribution, and has been that way for a year. That happened when a SNAP was being built, and folks got screwed by loading the secure distribution ang getting a kerberised telnet with no kerberos shared libraries. > I.e. I see _no_ harm leaving it in secure and see I see much harm in having three versions. This is difficult enough to maintain as two versions, let alone three. Even if it did stay as two source versions, how on earth do do propose to build the three varieties I mentioned above? > (1) harm to moving it to eBones. Come on Andrey, Instead of complaining about this, please come up with another proposal - somthing that carries a little more weight than broken and nonexistant code. M -- Mark Murray 46 Harvey Rd, Claremont, Cape Town 7700, South Africa +27 21 61-3768 GMT+0200 Finger mark@grondar.za for PGP key
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199608210625.IAA28028>