[746] in linux-security and linux-alert archive

home help back first fref pref prev next nref lref last post

[linux-security] SSL

daemon@ATHENA.MIT.EDU (Jordy)
Wed Jun 5 13:27:45 1996

Date: Sun, 2 Jun 1996 23:21:31 -1000 (HST)
From: Jordy <jordy@aloha.com>
To: linux-security <linux-security@tarsier.cv.nrao.edu>


I'm curious to know everyone's thoughts on the Secure Socket Layer 
implementations for Linux. At this time, they provide Authentication and 
integration with Keberos (if i read the SSLtelnet docs correctly) This 
seems like a plausable solution to secure intranets and for the rest of 
the internet community.

One thing that seems to bother me is that in the telnet daemon, it won't 
ask for the login name if the client and daemon have authentication. I 
guess this is a "feature", it would be a lot nicer if it used the keys 
and the password with kerberos encryption. I think this would probably 
fix the problem of packet sniffing of the passwords while login.

I really wish the US would get off its high horse and allow stranger 
encryption methods to be released outside of the US. Once and for all we 
could end this game we play with hackers at this level at least.


Jordy

home help back first fref pref prev next nref lref last post