Re: [Uri-review] ssh URI
Conrad Parker <conrad@annodex.net> Tue, 13 October 2009 03:35 UTC
Return-Path: <conrad.parker@gmail.com>
X-Original-To: uri-review@core3.amsl.com
Delivered-To: uri-review@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id ABACE3A698B for <uri-review@core3.amsl.com>; Mon, 12 Oct 2009 20:35:27 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -0.488
X-Spam-Level:
X-Spam-Status: No, score=-0.488 tagged_above=-999 required=5 tests=[BAYES_05=-1.11, FM_FORGED_GMAIL=0.622]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Fr8sbXA6JJGJ for <uri-review@core3.amsl.com>; Mon, 12 Oct 2009 20:35:27 -0700 (PDT)
Received: from mail-yw0-f189.google.com (mail-yw0-f189.google.com [209.85.211.189]) by core3.amsl.com (Postfix) with ESMTP id E378D3A6844 for <uri-review@ietf.org>; Mon, 12 Oct 2009 20:35:26 -0700 (PDT)
Received: by ywh27 with SMTP id 27so2765146ywh.31 for <uri-review@ietf.org>; Mon, 12 Oct 2009 20:35:25 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:mime-version:sender:received:in-reply-to :references:date:x-google-sender-auth:message-id:subject:from:to:cc :content-type:content-transfer-encoding; bh=tw8hI698Hzv9bsFoYEqxOUkudhdU3i04azKCYMBrEYA=; b=b15YyPYlrv/fm9UEuGOcCqu5mfa+l58DcmwH684aVclnjM5BIyAcDF4ngVi3K5OvJY RAcRFc2vxjVyGi4wdraQzSSSXtfJlKIH+2xX9TEH8DbSwAk2CE5RtmejJL2y2ai8YdvD qldZv0nhME9zR2RntcYFtPcCLszthQHcak8rU=
DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=mime-version:sender:in-reply-to:references:date :x-google-sender-auth:message-id:subject:from:to:cc:content-type :content-transfer-encoding; b=ma4OYohxXZUVVH1JgPmjMCt72nNq3jU4KTiVqpYNGYp/4YSEf/tLyewDzUQx4eNzAj Mr5rG8ddNKKx1Brp99V40vktweNIQV5AeEikEkYs+B4A/bsPHhoWHlDac6U+kLOlo36i b95UjNpmo2V4wVqwEs8LCl5zw7ovxp6Zd/oG4=
MIME-Version: 1.0
Sender: conrad.parker@gmail.com
Received: by 10.91.28.9 with SMTP id f9mr4066626agj.89.1255404925086; Mon, 12 Oct 2009 20:35:25 -0700 (PDT)
In-Reply-To: <1255395156.5481.10083.camel@dbooth-laptop>
References: <20091009160149.GB16908@braingia.org> <1255366894.5481.8445.camel@dbooth-laptop> <5EAB4D387A4A4B7C854FBD1869729771@POCZTOWIEC> <1255395156.5481.10083.camel@dbooth-laptop>
Date: Tue, 13 Oct 2009 12:35:25 +0900
X-Google-Sender-Auth: 41a1dcf8c348aa53
Message-ID: <dba6c0830910122035t79122212qb9fa3d1ea38ab909@mail.gmail.com>
From: Conrad Parker <conrad@annodex.net>
To: David Booth <david@dbooth.org>
Content-Type: text/plain; charset="ISO-8859-1"
Content-Transfer-Encoding: quoted-printable
X-Mailman-Approved-At: Tue, 13 Oct 2009 08:06:42 -0700
Cc: uri-review@ietf.org, uri@w3.org
Subject: Re: [Uri-review] ssh URI
X-BeenThere: uri-review@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: Proposed URI Schemes <uri-review.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/uri-review>, <mailto:uri-review-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/uri-review>
List-Post: <mailto:uri-review@ietf.org>
List-Help: <mailto:uri-review-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/uri-review>, <mailto:uri-review-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 13 Oct 2009 03:59:59 -0000
2009/10/13 David Booth <david@dbooth.org>: > > I was referring to the adoption rate for clients (such as browsers) > recognizing these new SSH URIs and using them for their intended > purpose. A browser encountering a URI beginning "ssh:..." will not be > able to do anything useful with it until it knows the special semantics > assigned to the "ssh:" prefix. But a browser encountering a URI > beginning "https://sshuri.org/..." could try to dereference that URI and > could be led to software that, once installed, *would* know to open an > SSH connection when encountering such a URI. This could dramatically > improve the rate at which browsers learn how to handle these SSH URIs. > Make sense? Encouraging end-users to download ssh client software from a random web site specified by a third-party web-page author, and then (automatically) using that software to connect to the desired ssh server ... and hoping that this is somehow secure by using an SSL/TLS connection to access that software? No, this does not make sense. It encourages use of untrusted ssh client software (eg. not sourced from your operating system vendor, unsigned etc.) so the scheme could be easily exploited by a third party to serve an ssh client with a backdoor. Using https to access that info/software does nothing to secure the initiation of the ssh connection. If anything, ssh provides a good use-case for a custom uri scheme. Conrad.
- Re: [Uri-review] ssh URI Křištof Želechovski
- Re: [Uri-review] ssh URI Křištof Želechovski
- Re: [Uri-review] ssh URI Eliot Lear
- Re: [Uri-review] ssh URI 'Steve Suehring'
- [Uri-review] ssh URI Steve Suehring
- Re: [Uri-review] ssh URI David Booth
- Re: [Uri-review] ssh URI David Booth
- Re: [Uri-review] ssh URI Eliot Lear
- Re: [Uri-review] ssh URI Steve Suehring
- Re: [Uri-review] ssh URI David Booth
- Re: [Uri-review] ssh URI Kristof Zelechovski
- Re: [Uri-review] ssh URI Eliot Lear
- Re: [Uri-review] ssh URI Daniel R. Tobias
- Re: [Uri-review] ssh URI David Booth
- Re: [Uri-review] ssh URI David Booth
- Re: [Uri-review] ssh URI Bob Aman
- Re: [Uri-review] ssh URI David Booth
- Re: [Uri-review] ssh URI Bob Aman
- Re: [Uri-review] ssh URI David Booth
- Re: [Uri-review] ssh URI David Booth
- Re: [Uri-review] ssh URI John Cowan
- Re: [Uri-review] ssh URI Eliot Lear
- Re: [Uri-review] ssh URI Kristof Zelechovski
- Re: [Uri-review] ssh URI Bob Aman
- Re: [Uri-review] ssh URI Conrad Parker
- Re: [Uri-review] ssh URI Dan Brickley
- Re: [Uri-review] ssh URI Dan Brickley
- Re: [Uri-review] ssh URI Dan Brickley
- Re: [Uri-review] ssh URI Ted Hardie
- Re: [Uri-review] ssh URI Dan Brickley
- Re: [Uri-review] ssh URI David Booth
- Re: [Uri-review] ssh URI David Booth
- Re: [Uri-review] ssh URI David Booth
- Re: [Uri-review] ssh URI Steve Suehring
- Re: [Uri-review] ssh URI Paul Prescod