oss-sec mailing list archives
Re: OpenSSH key blacklisting
From: Tim Brown <timb () nth-dimension org uk>
Date: Wed, 28 May 2008 15:03:42 +0100
All, Maybe I've missed something, in which case, shoot me down, but why unlike other services that make use of public key cryptography, does OpenSSH not have use a model which supports proper authorisation and revocation mechanisms? Would this not be an ideal opportunity to implement this? Whilst I think there was a reasonable case for such features prior to the Debian OpenSSL vulnerability being identified, I would argue that this issue highlights the case. Comercial SSH already has such functionality - can anyone offer a view on how [well] it works? Tim -- Tim Brown <mailto:timb () nth-dimension org uk> <http://www.nth-dimension.org.uk/>
Current thread:
- Re: OpenSSH key blacklisting, (continued)
- Re: OpenSSH key blacklisting Robert Buchholz (May 17)
- Re: OpenSSH key blacklisting Solar Designer (May 17)
- Re: OpenSSH key blacklisting Kees Cook (May 18)
- Re: OpenSSH key blacklisting Solar Designer (May 18)
- Re: OpenSSH key blacklisting Kees Cook (May 19)
- Re: OpenSSH key blacklisting Kees Cook (May 19)
- Re: OpenSSH key blacklisting Kees Cook (May 18)
- Re: OpenSSH key blacklisting Matthias Andree (May 20)
- Re: OpenSSH key blacklisting Solar Designer (May 27)
- Re: OpenSSH key blacklisting Dmitry V. Levin (May 27)
- Re: OpenSSH key blacklisting Tim Brown (May 28)
- Re: OpenSSH key blacklisting Sebastian Krahmer (May 28)
- Re: OpenSSH key blacklisting Tim Brown (Jun 02)
- Re: OpenSSH key blacklisting Sebastian Krahmer (Jun 02)
- Re: OpenSSH key blacklisting Nathanael Hoyle (Jun 04)
- Re: OpenSSH key blacklisting The Fungi (Jun 04)
- Re: OpenSSH key blacklisting Nathanael Hoyle (Jun 04)
- Re: OpenSSH key blacklisting Jonathan Smith (Jun 04)
- Re: OpenSSH key blacklisting Nathanael Hoyle (May 28)
- Re: OpenSSH key blacklisting Florian Weimer (May 28)
- Re: OpenSSH key blacklisting Mike Frysinger (May 31)