pks for openssh

Jeff P. Van Dyke jpv at vandyke.com
Sat Oct 12 06:29:30 EST 2002


> Nor has it shown up on the SECSH-WG alias yet.  I don't remeber any traffic
> about this draft.  Note that the date is October 2002 so it is very new.

It was initially proposed as a channel to the IETF working group
as an individual draft in November of 2000.  At that time, there
was quite a bit discussion on the public key channel.  The
consensus was that it should be a subsystem.  A new draft has
been submitted.  It isn't yet clear whether it will be a working
group draft or an individual draft.  I've contacted the chairman
of the WG, but haven't heard back.


> However this bugs me:
>
> RCSID("$OpenBSD: publickey-server.c,v 1.33 2002/06/30 00:00:00 markus Exp $");
>
> This is not a valid RCSID for OpenBSD.  Which IMNSHO is very poor manors.
> Leave the RCSID alone or remove them.  Don't randomly change them.

The RCSID was an oversight.  We don't use RCS, it was leftover
from something... My apologies to Marcus.

> <shrug> In general if I follow the code and RFC it is just a way of
> managing 'authorized_keys'  It even is wrong since we no longer support
> authorized_keys2.

This is clearly a mistake.  We will work on getting an update
to the distribution that addresses this.

With regards to including it in the OpenSSH distribution, we'd
like to see that happen.  We were hoping by releasing it as a
patch, we could assess the interest and if there was sufficient
interest, it would be included.  The early interest seems promising.

Markus, please let us know if there is anything we can do to
make this happen sooner rather than later :-)

Jeff P. Van Dyke
jpv at vandyke.com




More information about the openssh-unix-dev mailing list