SRP secure remote password authentication
Edward Flick
eddy at cdf-imaging.com
Thu Sep 18 06:59:21 EST 2003
Hello Tom,
Since I am just now realizing you monitor this list. Exactly, what is
implied by the SRP-Z license? As you can implicitly determine (by
successful negotation) if the server on the other end is the server you
intended to communicate with, exactly what is the differentiating factor
between SRP and SRP-Z.
Edward Flick
-----Original Message-----
From: openssh-unix-dev-bounces+eddy=cdf-imaging.com at mindrot.org
[mailto:openssh-unix-dev-bounces+eddy=cdf-imaging.com at mindrot.org]On
Behalf Of Tom Wu
Sent: Wednesday, September 17, 2003 2:20 PM
To: Markus Friedl
Cc: openssh-unix-dev at mindrot.org; Jeremy Nysen
Subject: Re: SRP secure remote password authentication
SRP is, if anything, the protocol with the *least* problematic patent
license:
http://www.ietf.org/ietf/IPR/WU-SRP
since royalty-free terms are offered. If that isn't good enough for
OpenSSH, then neither is DSA.
Tom
Markus Friedl wrote:
> SRP and similar protocols have patent problems.
>
> are there any without?
>
> On Wed, Sep 17, 2003 at 11:00:18AM +1000, Jeremy Nysen wrote:
>
>>Are there any plans to include support for SRP or a similar zero-knowledge
>>password protocol into OpenSSH?
>>
>>--
>>Jeremy
>>
>>_______________________________________________
>>openssh-unix-dev mailing list
>>openssh-unix-dev at mindrot.org
>>http://www.mindrot.org/mailman/listinfo/openssh-unix-dev
>
>
> _______________________________________________
> openssh-unix-dev mailing list
> openssh-unix-dev at mindrot.org
> http://www.mindrot.org/mailman/listinfo/openssh-unix-dev
--
Tom Wu
Chief Security Architect
Arcot Systems
(408) 969-6124
_______________________________________________
openssh-unix-dev mailing list
openssh-unix-dev at mindrot.org
http://www.mindrot.org/mailman/listinfo/openssh-unix-dev
More information about the openssh-unix-dev
mailing list