[2290] in Kerberos-V5-bugs
Re: telnet/51: telnetd requires auth negotiation to be complete before term set
daemon@ATHENA.MIT.EDU (Theodore Y. Ts'o)
Fri Oct 4 09:52:46 1996
Date: Fri, 4 Oct 1996 09:52:28 -0400
From: "Theodore Y. Ts'o" <tytso@MIT.EDU>
To: Sam Hartman <hartmans@MIT.EDU>
Cc: schemers@stanford.edu, krb5-bugs@MIT.EDU, krb5-bugs-redist@MIT.EDU
In-Reply-To: Sam Hartman's message of Fri, 4 Oct 1996 00:04:11 -0400,
<9610040404.AA01795@starkiller.MIT.EDU>
Date: Fri, 4 Oct 1996 00:04:11 -0400
From: Sam Hartman <hartmans@MIT.EDU>
However, as demonstrated by the following dump of telnet
options, the client generally does not send the terminal type until
prompted by the server. I suspect your mainframe is violating the
spec in this respect but would have to ponder the appropriate RFCs for
a while to be sure.
I doubt it's a violation of the RFC. We could put in a explicit words
into the draft standard which defines the new telnet "I promise I will
encrypt" bit. If you're not encrypting, whether you assert the
telnet and environment variables before or after the authentication
doesn't really matter anyway.
This has the advantage that old clients who don't know about the "I
promise I will encrypt bit" won't lose.
- Ted
