pks for openssh

[Darren J Moffat]

On Thu, 10 Oct 2002, Markus Friedl wrote:

> hm, at least i don't remember.

Nor has it shown up on the SECSH-WG alias yet.  I don't remeber any traffic
about this draft.  Note that the date is October 2002 so it is very new.

I think at this stage naming it draft-ietf-secsh- is premature.  I've
checked with the working group chair and he has yet to approve this as
a working group submission - it is in his queue.  It will probably
appear as an "individual" submission and may be discussed as a
potential working group draft if SECSH-WG meets at the next IETF.

If it does become a working group draft the @vandyke.com qualifier would
be removed from the subsystem name.

In general it looks like a good idea though I have some concerns about some
of the SHOULDs that I think are MAYs.

> On Thu, Oct 10, 2002 at 12:44:43PM -0600, Vincent Danen wrote:
> > I was directed to the following site by one of our customers regarding
> > a keyserver built into openssh.  There's a patch for 3.4p1 on their
> > site, but the license isn't very clear, nor is it clear if they have
> > approached the openssh team regarding the inclusion of this subsystem
> > into openssh proper.
> >
> > I've been asked to patch Mandrake's openssh with this feature, but I'm
> > hesitant until I know what others think and, primarily, whether or not
> > they have even contacted people like Markus or Theo about this.  The
> > RFC is written by them, and it looks like they sell some commercial
> > software around this idea as well.
> >
> > Here is links to more info:
> >
> > http://www.vandyke.com/download/os/pks_ossh.html
> > http://www.vandyke.com/technology/draft-ietf-secsh-publickey-
> > subsystem.txt
> >
> > The idea of it sounds interesting, but I would really like to know if
> > they have approached anyone regarding having it included in openssh
> > proper.

At this time they haven't got approval for it being a product of the
SECSH-WG at IETF.  That doesn't stop OpenSSH from including it though.

-- 
Darren J Moffat