[31668] in North American Network Operators' Group
RE: RSA Patent Expired
daemon@ATHENA.MIT.EDU (Joe Shaw)
Thu Oct 5 11:55:17 2000
Date: Thu, 5 Oct 2000 10:49:33 -0500 (CDT)
From: Joe Shaw <jshaw@insync.net>
To: "Richard A. Steenbergen" <ras@e-gerbil.net>
Cc: Richard Welty <rwelty@vpnet.com>,
Bill Fumerola <billf@chimesnet.com>,
Hendrik Visage <hvisage@is.co.za>,
Bradly Walters <bwalters@inet-direct.com>, nanog@merit.edu
In-Reply-To: <Pine.GSO.4.21.0010051032310.12563-100000@vellocet.insync.net>
Message-ID: <Pine.GSO.4.21.0010051048270.12563-100000@vellocet.insync.net>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Errors-To: owner-nanog-outgoing@merit.edu
Having read the rest of the thread, I see that this was already
covered. My apologies for the twice wasted bandwidth.
--
Joseph W. Shaw - jshaw@insync.net
Computer Security Consultant and Programmer
Free UNIX advocate and all around nice guy.
On Thu, 5 Oct 2000, Joe Shaw wrote:
> No, he's not confused. Supposedly, using any algorithm other than 3DES
> with SSH1 can set you up for some type of stream insertion attack. I've
> never seen it personally, but supposedly the threat does exist.
>
> Furthermore, OpenSSH supports ssh2 and is free, in both the free beer and
> the free speech way. The BSD license is cool like that.
>
> --
> Joseph W. Shaw - jshaw@insync.net
