Re: (no subject)

Date: 01/14/01

Date: Sun, 14 Jan 2001 01:49:24 -0800 (PST)

On 14 Jan, Frank Tobin wrote:
> Crist J. Clark, at 16:50 -0800 on Sat, 13 Jan 2001, wrote:
> > I am not sure I understand your argument here. In your system, how does
> > the _user_ authenticate himself? Biometrics? HW token? Smart card?
> > Really, no passwords?
>
> One key idea is to leave the strength of the security as much up to the
> user as possible. With passwords, however, the user has to worry about
> both ends being compromised (his end, and the server's end); if the
> server is compromised, and his password gotten, this might be used against
> him other places. With public-key authentication, he only has to worry
> about his end; if the server's end is compromised, the user's security is
> compromised little.
The concept you present, "leave the strength... up to the user...", is
sound. As a matter of fact, one security concept worth noting is,
"the person damaged should be the person responsible". However,
your argument for PKA shows a flaw in assuming that PKA
offers some type of protection if the server is compromised.

If the server is compromised, then *any* scenario must make
certain assumptions. Hence, the man-in-the-middle scenarios/attacks.

I should also state that arguments on this level are nothing
more than vicious circles. Even a deep analysis will lead back
to other weaknesses. That is, weaknesses not associated with
PKA, SSH or the client/server.

                                Best Regards,
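The two login flows the thread is arguing about, as an added example that is not part of the original message or the thread: a toy password server and a toy challenge-response public-key server (both constructed here, using Go's standard-library ed25519, not any real SSH code), with one server of each kind treated as compromised. The `passwordServer`, `pubkeyServer`, `pubkeyClient` types, the function names and the sample password are assumptions made for the example. It shows what an attacker who controls server A can reuse against a second server B under each scheme, which is the point Frank raises; it does not model what the same attacker can do with the session on A itself, which is the reply's objection.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"crypto/sha256"
	"crypto/subtle"
	"fmt"
)

// Toy password server (constructed for this example). It stores a salted
// hash, but the user must still send the password itself at login, so a
// compromised server process sees every password it receives.
type passwordServer struct {
	salt, hash   []byte
	lastReceived string // what an attacker on the server can log
}

func hashPassword(salt []byte, password string) []byte {
	// Stand-in for a slow password hash (bcrypt/argon2); the hash is not the point.
	h := sha256.Sum256(append(append([]byte{}, salt...), password...))
	return h[:]
}

func newPasswordServer(password string) *passwordServer {
	salt := make([]byte, 16)
	rand.Read(salt)
	return &passwordServer{salt: salt, hash: hashPassword(salt, password)}
}

// Login receives the password in the clear (inside transport encryption,
// but visible to the server process).
func (s *passwordServer) Login(password string) bool {
	s.lastReceived = password
	return subtle.ConstantTimeCompare(hashPassword(s.salt, password), s.hash) == 1
}

// Toy public-key server and client (constructed for this example). The server
// holds only the public key and issues a fresh random challenge; the client
// proves possession of the private key by signing it. The private key never
// leaves the client.
type pubkeyServer struct{ authorized ed25519.PublicKey }
type pubkeyClient struct{ priv ed25519.PrivateKey }

func (s *pubkeyServer) Challenge() []byte {
	nonce := make([]byte, 32)
	rand.Read(nonce)
	return nonce
}

func (s *pubkeyServer) Verify(challenge, sig []byte) bool {
	return ed25519.Verify(s.authorized, challenge, sig)
}

func (c *pubkeyClient) Answer(challenge []byte) []byte {
	return ed25519.Sign(c.priv, challenge)
}

// PasswordReuseWorks: the user has the same password on servers A and B.
// A is compromised; the attacker reads the password at login and replays
// it against B. Returns true when the replay succeeds.
func PasswordReuseWorks() bool {
	const password = "correct horse battery staple" // constructed credential
	serverA := newPasswordServer(password)
	serverB := newPasswordServer(password)
	serverA.Login(password) // legitimate login to the compromised host
	return serverB.Login(serverA.lastReceived)
}

// PubkeyReplayFails: the same key is authorized on A and B. A is compromised;
// the attacker holds the public key and the signed challenge A received.
// Returns true when the legitimate login to A works but B accepts neither
// the replayed signature nor one made with the attacker's own key.
func PubkeyReplayFails() bool {
	pub, priv, err := ed25519.GenerateKey(rand.Reader)
	if err != nil {
		panic(err)
	}
	client := &pubkeyClient{priv: priv}
	serverA := &pubkeyServer{authorized: pub}
	serverB := &pubkeyServer{authorized: pub}

	challengeA := serverA.Challenge()
	sigA := client.Answer(challengeA)
	okA := serverA.Verify(challengeA, sigA) // observed by the attacker on A

	challengeB := serverB.Challenge() // fresh nonce, so sigA no longer matches
	replayed := serverB.Verify(challengeB, sigA)
	_, attackerPriv, _ := ed25519.GenerateKey(rand.Reader) // attacker lacks the user's key
	forged := serverB.Verify(challengeB, ed25519.Sign(attackerPriv, challengeB))
	return okA && !replayed && !forged
}

func main() {
	fmt.Println("password captured on A accepted by B:", PasswordReuseWorks())
	fmt.Println("signature captured on A rejected by B:", PubkeyReplayFails())
}
```

The difference the example isolates is what the server has to hold and receive: under password login the server is handed the secret itself, so a compromise of A yields a credential valid wherever it was reused; under public-key login A only ever holds the public key and per-session signatures over its own nonces, which B will not accept.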
