Re: Last Call: Telnet Authentication Option to Proposed Standard
Jeffrey Altman <jaltman@watsun.cc.columbia.edu> Tue, 23 November 1999 14:10 UTC
Received: by ietf.org (8.9.1a/8.9.1a) id JAA08451 for ietf-outbound.10@ietf.org; Tue, 23 Nov 1999 09:10:03 -0500 (EST)
Received: from watsun.cc.columbia.edu (IDENT:cu51491@watsun.cc.columbia.edu [128.59.39.2]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id JAA06702 for <ietf@ietf.org>; Tue, 23 Nov 1999 09:06:45 -0500 (EST)
Received: (from jaltman@localhost) by watsun.cc.columbia.edu (8.8.5/8.8.5) id JAA14622; Tue, 23 Nov 1999 09:06:41 -0500 (EST)
Date: Tue, 23 Nov 1999 09:06:40 -0500
From: Jeffrey Altman <jaltman@watsun.cc.columbia.edu>
Reply-To: jaltman@columbia.edu
To: joda@pdc.kth.se
Cc: ietf-cat-wg@lists.stanford.edu, ietf@ietf.org
Subject: Re: Last Call: Telnet Authentication Option to Proposed Standard
In-Reply-To: Your message of 23 Nov 1999 14:21:19 +0100
Message-ID: <CMM.0.90.4.943366000.jaltman@watsun.cc.columbia.edu>
> The IESG <iesg-secretary@ietf.org> writes: > > > o Telnet Encryption: DES3 64 bit Cipher Feedback > > <draft-altman-telnet-enc-des3-cfb-01.txt> > > o Telnet Encryption: DES3 64 bit Output Feedback > > <draft-altman-telnet-enc-des3-ofb-01.txt> > > Do these make sense at all? Do they provide any better security than > single des? > > I haven't seen any discussion. > > /Johan > I'm not sure that I understand the motivation behind the question. You are questioning the use of Triple DES but not the use of CAST-128. Both are stronger ciphers than single DES but only if you have enough available key info. When using the current Kerberos implementations there is only enough key info a single DES key which is used in both directions. Other authentication methods provide enough key info for the 3DES to use 6 different DES keys with a Triple DES implementation (3 in each direction). Jeffrey Altman * Sr.Software Designer * Kermit-95 for Win32 and OS/2 The Kermit Project * Columbia University 612 West 115th St #716 * New York, NY * 10025 http://www.kermit-project.org/k95.html * kermit-support@kermit-project.org
- Re: Last Call: Telnet Authentication Option to Pr… Johan Danielsson
- Re: Last Call: Telnet Authentication Option to Pr… Jeffrey Altman
- Re: Last Call: Telnet Authentication Option to Pr… Johan Danielsson
- Re: Last Call: Telnet Authentication Option to Pr… Jeffrey Altman
- Re: Last Call: Telnet Authentication Option to Pr… Othon Kamariotis
- Last Call: Telnet Authentication Option to Propos… Othon Kamariotis
- Re: Last Call: Telnet Authentication Option to Pr… tytso
- Re: Last Call: Telnet Authentication Option to Pr… Johan Danielsson
- Re: Last Call: Telnet Authentication Option to Pr… Harald Tveit Alvestrand
- Re: Last Call: Telnet Authentication Option to Pr… Jeffrey Altman
- Re: Last Call: Telnet Authentication Option to Pr… William Allen Simpson
- Re: Last Call: Telnet Authentication Option to Pr… Harald Tveit Alvestrand
- Re: Last Call: Telnet Authentication Option to Pr… Assar Westerlund
- IP network address assignments/allocations inform… Pete Loshin
- Re: IP network address assignments/allocations in… Henning Schulzrinne
- RE: IP network address assignments/allocations in… David Newman
- Re: IP network address assignments/allocations in… Bill Manning
- Re: IP network address assignments/allocations in… Henning Schulzrinne
- Re: IP network address assignments/allocations in… Randy Bush
- Re: IP network address assignments/allocations in… Brian E Carpenter
- Re: IP network address assignments/allocations in… Randy Bush
- Re: IP network address assignments/allocations in… Marc Blanchet
- Re: IP network address assignments/allocations in… Christian Huitema
- Re: IP network address assignments/allocations in… Perry E. Metzger
- IETF planning Dave Crocker
- Re: IP network address assignments/allocations in… Yakov Rekhter
- Re: IP network address assignments/allocations in… Jon Crowcroft
- Re: IP network address assignments/allocations in… Bill Manning
- Re: IP network address assignments/allocations in… Steve Deering