Re: Telnet encryption
John Gardiner Myers <jgm+@cmu.edu> Fri, 09 February 1996 18:28 UTC
Received: from ietf.nri.reston.va.us by IETF.CNRI.Reston.VA.US id aa18607; 9 Feb 96 13:28 EST
Received: from CNRI.Reston.VA.US by IETF.CNRI.Reston.VA.US id aa18603; 9 Feb 96 13:28 EST
Received: from timbuk.cray.com by CNRI.Reston.VA.US id aa11412; 9 Feb 96 13:28 EST
Received: from ironwood.cray.com (daemon@ironwood-fddi.cray.com [128.162.21.36]) by timbuk.cray.com (8.6.12/CRI-gate-8-2.11) with ESMTP id MAA11784; Fri, 9 Feb 1996 12:24:10 -0600
Received: (from daemon@localhost) by ironwood.cray.com (8.6.12/CRI-ccm_serv-8-2.8) id MAA24850 for telnet-ietf_list@sdiv; Fri, 9 Feb 1996 12:18:53 -0600
Received: from t2.cray.com (root@t2 [128.162.19.5]) by ironwood.cray.com (8.6.12/CRI-ccm_serv-8-2.8) with ESMTP id MAA24839 for <telnet-ietf@ironwood.cray.com>; Fri, 9 Feb 1996 12:18:52 -0600
Received: from timbuk.cray.com (root@timbuk.cray.com [128.162.19.7]) by t2.cray.com (8.6.12/craymail-smart) with ESMTP id MAA18049 for <telnet-ietf@cray.com>; Fri, 9 Feb 1996 12:18:51 -0600
Received: from po10.andrew.cmu.edu (PO10.ANDREW.CMU.EDU [128.2.10.110]) by timbuk.cray.com (8.6.12/CRI-gate-8-2.11) with ESMTP id MAA11352 for <telnet-ietf@cray.com>; Fri, 9 Feb 1996 12:18:48 -0600
Received: (from postman@localhost) by po10.andrew.cmu.edu (8.7.3/8.7.1) id NAA00645 for telnet-ietf@cray.com; Fri, 9 Feb 1996 13:18:45 -0500
Received: via switchmail; Fri, 9 Feb 1996 13:18:45 -0500 (EST)
Received: from hogtown.andrew.cmu.edu via qmail ID </afs/andrew.cmu.edu/service/mailqs/testq0/QF.Il6szO200WBwM0ZZ1R>; Fri, 9 Feb 1996 13:18:02 -0500 (EST)
Received: from hogtown.andrew.cmu.edu via qmail ID </afs/andrew.cmu.edu/usr7/jgm/.Outgoing/QF.wl6szL600WBwM11jJ6>; Fri, 9 Feb 1996 13:17:59 -0500 (EST)
Received: from BatMail.robin.v2.14.CUILIB.3.45.SNAP.NOT.LINKED.hogtown.andrew.cmu.edu.sun4c.411 via MS.5.6.hogtown.andrew.cmu.edu.sun4c_411; Fri, 9 Feb 1996 13:17:55 -0500 (EST)
Message-ID: <8l6szHi00WBw411j93@andrew.cmu.edu>
Date: Fri, 09 Feb 1996 13:17:55 -0500
Sender: ietf-archive-request@IETF.CNRI.Reston.VA.US
From: John Gardiner Myers <jgm+@cmu.edu>
To: telnet-ietf@cray.com
Subject: Re: Telnet encryption
In-Reply-To: <199602090223.VAA06128@badger.lehman.com>
References: <199602090223.VAA06128@badger.lehman.com>
"Richard Basch" <basch@lehman.com> writes: > In some cases, it may employ the keys that were > negotiated during the authentication option, but a combined option > should not be designed that inhibits the use of encryption without > authentication. The issue is not so much encryption as integrity protection of the authenticated connection. If a client is willing to authenticate a connection to be used without integrity protection, the negotiation of its willingness to do without integrity protection must be integrity protected. An authentication protocol which does not allow a client to make its authentication conditional upon the integrity protection of the connection is simply unacceptable. It just so happens that for Telnet, the only integrity protection people are interested in is encryption. As for "inhibiting the use of encryption without authentication", one could define an "authentication" mechanism, such as Diffie-Hellman, which is only able to "authenticate" the anonymous identity. -- _.John G. Myers Internet: jgm+@CMU.EDU LoseNet: ...!seismo!ihnp4!wiscvm.wisc.edu!give!up
- Telnet encryption Richard Basch
- Re: Telnet encryption Philippe-Andre Prindeville
- Re: Telnet encryption John Gardiner Myers