[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Comments on CRACK
Stephane Beaulieu wrote:
> What would those be?
>
> I've heard...
>
> 1 - It encourages the use of weak pre-shared keys. - Perhaps, but this can
> easily be fixed in XAUTH. I would still like to get a concensus on this.
This "easy" fix requires deployment of client certificates.
> 2 - It's too complicated to be secure... Please !
Prove to me that it's secure. Better review your predicate logic
first...
> 3 - Too much known plain text. - All three proposals (XAUTH, CRACK, and ULA
> have know plain text.
None have the copious amounts of ASCII TEXT that xauth does. Some known
plaintext may be unavoidable, but xauth has a ridiculous amount.
> 4 - It's too tightly bound to Cfg. Cfg is a simple protocol. Why invent a
> new protocol when one already exist which meets your needs.
You mean dhcp, right?
Follow-Ups:
References: