X.509 support in ssh (revisited)

Lutz Jaenicke Lutz.Jaenicke at aet.TU-Cottbus.DE
Thu Jan 24 05:31:41 EST 2002


On Wed, Jan 23, 2002 at 12:07:28PM -0600, mouring at etoh.eviladmin.org wrote:
> > I would think that the benefit here is that if your client is configured
> > to trust only certain signers, then Joe Hacker can't play
> > man-in-the-middle during the "should I accept this hostkey" question,
> > because Joe Hacker shouldn't have the private key for the CA you trust.
> >
> > Isn't that an improvement?
> >
> 
> Until your CA's employees do something brain dead like hand out a copy of
> your key to someone who 'claims' to be an employee of your company.
> 
> Refer to Microsoft and Verisign issue last year which caused MS to re-sign a
> ton of packages and revoke a very heavily used key.
> 
> Think warm fuzzy thoughts that your CA is trustworthy. =)

Hmm. Of course it finally comes down to the CA. And I don't think it makes
sense to add the large commercial CAs (actually, is there anybody left
beyond Verisign anyway?) by default.
But it would make my life easier just being my own CA, signing for the hosts
I have. By now I distribute my public keys with rdist (via SSH of course :-),
but this doesn't work with lots of our Linux-machines which are not available
all day long (switched off, booted into Windows) and is only nice with
the 24x7 machines.

Best regards,
	Lutz
-- 
Lutz Jaenicke                             Lutz.Jaenicke at aet.TU-Cottbus.DE
http://www.aet.TU-Cottbus.DE/personen/jaenicke/
BTU Cottbus, Allgemeine Elektrotechnik
Universitaetsplatz 3-4, D-03044 Cottbus