Bugtraq mailing list archives
Re: "The End of SSL and SSH?"
From: Brett Glass <brett () LARIAT ORG>
Date: Wed, 20 Dec 2000 13:31:41 -0700
At 11:47 AM 12/19/2000, Perry E. Metzger wrote:
I doubt it. SSH and SSL are fine protocols, but are dependent on key management mechanisms. What you are noting is that key management is a hard problem. Well, so it is -- but that doesn't mean that if we change the way we do key management that SSH and SSL would go away. The protocols themselves are fine.
I agree with Perry. The protocols are useful; they simply cannot "chew our food for us," as it were. No matter how secure the encryption scheme we use, we must always take responsibility for managing our keys and passwords or all attempts at security are for nought. --Brett Glass "The plural of anecdote is data." -- Marc Bekof
Current thread:
- sshmitm, webmitm Dug Song (Dec 18)
- Re: sshmitm, webmitm Samuele Giovanni Tonon (Dec 20)
- Re: sshmitm, webmitm Boris Lorenz (Dec 21)
- "The End of SSL and SSH?" Perry E. Metzger (Dec 20)
- Re: "The End of SSL and SSH?" Kurt Seifried (Dec 19)
- Re: "The End of SSL and SSH?" Perry E. Metzger (Dec 19)
- Re: "The End of SSL and SSH?" Stefan Monnier (Dec 20)
- Re: "The End of SSL and SSH?" Brett Glass (Dec 20)
- Re: "The End of SSL and SSH?" Crispin Cowan (Dec 20)
- Re: "The End of SSL and SSH?" Ajax (Dec 20)
- Re: "The End of SSL and SSH?" Eric Rescorla (Dec 21)
- Re: "The End of SSL and SSH?" Kurt Seifried (Dec 19)
- Re: "The End of SSL and SSH?" Damien Miller (Dec 21)
- Re: "The End of SSL and SSH?" Ryan Russell (Dec 21)
- Re: sshmitm, webmitm Samuele Giovanni Tonon (Dec 20)
- Re: "The End of SSL and SSH?" Michael H. Warfield (Dec 20)
- Re: "The End of SSL and SSH?" Perry E. Metzger (Dec 21)
- Re: "The End of SSL and SSH?" Eric Rescorla (Dec 21)