Different ciphers, MAC, compression for inbound and outbound .

Behnam Behzadi behnam at riverstonenet.com
Wed Oct 30 04:57:19 EST 2002


Hi Jason,
 
This is the only valid argument I have heard on this issue.  But then again one would assume that the server side data protected by that very password would be considered just as protection-worthy.  Otherwise, why would they ask for password to begin with.
 
Thanks for your reply.
------ 
Behnam Behzadi 

408-878-6551 
http://www.riverstonenet.com <http://www.riverstonenet.com/>  

-----Original Message-----
From: Lacoss-Arnold, Jason [mailto:Jason.Lacoss-Arnold at agedwards.com]
Sent: Tuesday, October 29, 2002 5:02 AM
To: Behnam Behzadi
Cc: openssh-unix-dev at mindrot.org; secureshell at securityfocus.com
Subject: RE: Different ciphers, MAC, compression for inbound and outbound .



I could see an organization choosing to only encrypt client to server communications if they only sensitive data they were concerned about is passwords.  This would lower resource utilization, esp. if the clients usually consume data instead of send it.

-----Original Message----- 
From: Markus Friedl [ mailto:markus at openbsd.org] 
Sent: Tuesday, October 29, 2002 4:25 AM 
To: Behnam Behzadi 
Cc: Damien Miller; openssh-unix-dev at mindrot.org; 
secureshell at securityfocus.com 
Subject: Re: Different ciphers, MAC, compression for inbound and 
outbound . 


On Mon, Oct 28, 2002 at 10:43:52AM -0800, Behnam Behzadi wrote: 
> This question is not coming from actual users.  This was raised from the Marketing to Engineering to research the possibilities if some future customer makes it a requirement.

it's possible, it's simple to implement, but i don't see a reason 
for this.  it might be very confusing for users. 
_______________________________________________ 
openssh-unix-dev at mindrot.org mailing list 
http://www.mindrot.org/mailman/listinfo/openssh-unix-dev 



***********************************************************************************
WARNING: All e-mail sent to and from this address will be received or
otherwise recorded by the A.G. Edwards corporate e-mail system and is
subject to archival, monitoring or review by, and/or disclosure to,
someone other than the recipient.
************************************************************************************


-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.mindrot.org/pipermail/openssh-unix-dev/attachments/20021029/8a06792d/attachment.html 


More information about the openssh-unix-dev mailing list