<< | Thread Index | >> ]    [ << | Date Index | >> ]

Subject: RE: Pass{word,phrase} Authentication for CIPE?
From: SBNelson,AT,thermeon,DOT,com
Date: Tue, 2 Jan 2001 16:57:06 +0100

If you don't trust the host, then how can you trust the password?  If the
host is compromised, then the password can be captured and then used on
later sessions.

Perhaps what you don't like is having the secret kept in a (readable by root
only) file.  Perhaps someone could make ciped ask for the key when starting
up...  But then again, how do you know that the ciped is to be trusted; it
could be a trojan horse.

> -----Original Message-----
> From: David Sainty [SMTP:dsainty,AT,redhat,DOT,com
> Sent: Friday, December 29, 2000 10:47 AM
> To:   cipe-l,AT,inka,DOT,de
> Subject:      Pass{word,phrase} Authentication for CIPE?
> 
> A quick question....
> 
> Are there any thoughts on the possibility of adding password or passphrase
> style authentication capability to CIPE? i.e. we do not assume that both
> CIPE end-points can be trusted. An example scenario: one end-point is a
> notebook (with a CIPE key) that has been stolen.
> 
> There _are_ work-arounds, but I was wondering about how feasible it would
> be (or if it had already been considered) to add passphrase functionality
> for CIPE connections, so it was available if desired.
> 
> TIA,
> 
> 
> David S..
> 
> 
> 
> --
> Message sent by the cipe-l,AT,inka,DOT,de mailing list.
> Unsubscribe: mail majordomo,AT,inka,DOT,de, "unsubscribe cipe-l" in body
> Other commands available with "help" in body to the same address.
> CIPE info and list archive:
> <URL:http://sites.inka.de/~bigred/devel/cipe.html>





<< | Thread Index | >> ]    [ << | Date Index | >> ]