> I strongly disagree here. The server should specify the identity which it is > accepting. There have been numerous > cross-service attacks in the past where flaws in service A can be used to > compromise service B because they > are both prepared to accept the same keys (not least, the original GSS ssh > work). I would rather that we didn't >end up being service A or service B - so I think the SHOULD NOT here is >entirely inappropriate.
Really? SSH's problem was that is was susceptible to authenticator replay because the client was not required to prove it controlled the credentials it was using. rxgk is (and needs to be) resistant to authenticator replay already (because it must compute the same K0 as the server to do anything useful)._______________________________________________ AFS3-standardization mailing list [email protected] http://lists.openafs.org/mailman/listinfo/afs3-standardization
