[3206] in Release_Engineering
Re: Jeff's inetd.conf/services addition
wesommer@ATHENA.MIT.EDU (wesommer@ATHENA.MIT.EDU)
Wed May 4 17:34:18 1994
The GDSS stuff showed up after I left athena, so I'm not familiar
with it.
Is the set of people authorized to sign things using the GDSS secret key
exactly the same as the set of people authorized to use the gsh service?
If not, why are the two services sharing a key pair?
Is the added risk of disclosure of the GDSS secret key (because it now has
another use) worth it?
Is the text of the command itself signed, or just the timestamp?
Is there any replay detection present?
