[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
examples against which to test designs
SSH [http://www.cs.hut.fi/ssh] authenticates the machines at both ends
of the connection using their host keys (each host key as an RSA key
pair). Each machine currently has a database of keys it knows; for
unknown hosts, it currently accepts the remote host without
verification and adds the key to its database for further reference.
It would be interesting to be able to fetch host keys from name
servers or some similar infrastructure. I would like to see this
(securely obtaining public host keys) as one aspect considered by the
workgroup. Other protocols, such as Photuris, will in my
understanding also need similar services.