Re: Access to the Internic Blocked

[Curtis Villamizar <curtis () ans net>]

In message <199608231318.JAA06033 () netaxs com>, Avi Freedman writes:
> > Who said one time passwords were secure.  Kerberos mutual
> > authentication with encrypted payload is my choice.  Some people
> > prefer SSL.  AFS is nice if you can afford it.  Skey just doesn't cut
> > it.  Skey is only slightly better than passwords in the clear.
>
> If you don't care that people see your mail or administrative docs, and
> if everything you do locally is skeyed, why do you feel that s/key is
> so useless?
>
> > Curtis
>
> Just curious,
>
> Avi


If someone decides to be destructive you don't want to have to go
around cleaning up lots of systems.  You also don't want to be the
place hackers launch their attacks from if you are very well
connected.  If you are web hosting its nice to know the content will
remain intact (there is a tradeoff here between inconvenience to your
customers and encryption based security).  There are lots of reasons
for strong security.

Or are you asking what the hole is in skey?  If so, we'll talk at
the nanog meeting.

Curtis
- - - - - - - - - - - - - - - - -