X.509 support in ssh (revisited)
Markus Friedl
markus at openbsd.org
Thu Jan 24 03:42:46 EST 2002
On Wed, Jan 23, 2002 at 10:31:38AM -0600, mouring at etoh.eviladmin.org wrote:
> Does X.509 really make sense with SSH? I mean you are still not going to
> get Verisigned licenses and even that you are putting your trust in a 3rd
> party certificate which has no real bearing on the trust of the machine in
> question.
well it could make hostkey management simpler, but i see
no difference between people clicking on
"continue, i don't care about this hostkey"
and
"continue, i don't care about the certificate for this hostkey"
-m
More information about the openssh-unix-dev
mailing list