[3860] in North American Network Operators' Group
Re: Access to the Internic Blocked
daemon@ATHENA.MIT.EDU (Curtis Villamizar)
Fri Aug 23 22:14:48 1996
To: Avi Freedman <freedman@netaxs.com>
cc: curtis@ans.net, avg@quake.net, nanog@merit.edu
Reply-To: curtis@ans.net
In-reply-to: Your message of "Fri, 23 Aug 1996 09:18:22 EDT."
<199608231318.JAA06033@netaxs.com>
Date: Fri, 23 Aug 1996 22:08:40 -0400
From: Curtis Villamizar <curtis@ans.net>
In message <199608231318.JAA06033@netaxs.com>, Avi Freedman writes:
> > Who said one time passwords were secure. Kerberos mutual
> > authentication with encrypted payload is my choice. Some people
> > prefer SSL. AFS is nice if you can afford it. Skey just doesn't cut
> > it. Skey is only slightly better than passwords in the clear.
>
> If you don't care that people see your mail or administrative docs, and
> if everything you do locally is skeyed, why do you feel that s/key is
> so useless?
>
> > Curtis
>
> Just curious,
>
> Avi
If someone decides to be destructive you don't want to have to go
around cleaning up lots of systems. You also don't want to be the
place hackers launch their attacks from if you are very well
connected. If you are web hosting its nice to know the content will
remain intact (there is a tradeoff here between inconvenience to your
customers and encryption based security). There are lots of reasons
for strong security.
Or are you asking what the hole is in skey? If so, we'll talk at
the nanog meeting.
Curtis