tomaswolf commented on issue #434: URL: https://github.com/apache/mina-sshd/issues/434#issuecomment-1856533066
On the client side, it should indeed ignore unknown key types (and not do anything if it cannot deal with any of the keys). On the server side, it should fail if it ever gets a key that it cannot handle. And it probably should even check that all the keys it gets in that request are keys the server proposed before. Otherwise some malicious or broken client is sending challenges for keys the server never proposed. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@mina.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org --------------------------------------------------------------------- To unsubscribe, e-mail: dev-unsubscr...@mina.apache.org For additional commands, e-mail: dev-h...@mina.apache.org
