On Tue, 27 Jan 2009, Jeffrey Hutzelman wrote:

> --On Tuesday, January 27, 2009 11:16:02 AM +0100 Jan Pechanec
> <Jan.Pechanec at Sun.COM> wrote:
>
>>      we realized that the fix was too aggressive
>
> I could have told you that, and probably should have.  We tried deploying such
> a change back in November and immediately ran into several clients and servers
> that support only CBC-mode ciphers, even before the change made it out of alpha
> testing.  Unfortunately, some of these cannot easily be upgraded.  This has led

        hi Jeff, we still go with the solution of removing the CBC modes 
from the default server side list. That's the only way to force the client 
to choose something else in case the CBC mode was the first in the list 
(OpenSSH, for example). If people really can't upgrade their clients then 
changing the server side configuration is the way to go.

        however, we keep all modes on the client side for backward 
compatibility. That's where we saw all the real problems, not on the server 
side.

        the change should go to snv_108.

> me to strongly favor specifying more than one mandatory-to-implement algorithm
> in future protocols.

        definitely. The problem now is that we don't even have too many 
optional ones. We have AES CTR and arcfour. Time for a new draft I suppose.

        J.

-- 
Jan Pechanec
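Added example, not part of the thread: the reason Jan gives for removing CBC from the server's default list rather than merely reordering it is SSH's negotiation rule (RFC 4253 section 7.1), under which the client's preference order decides. The cipher lists below are constructed to mirror the cases discussed (a CBC-first client, a server that only reorders, a server that drops CBC, and a CBC-only legacy client); they are not Sun SSH's or OpenSSH's actual defaults.

```python
# Model of RFC 4253 section 7.1 algorithm negotiation for the SSH cipher list.
# The chosen cipher is the first entry in the CLIENT's list that the server
# also offers.  A server therefore cannot steer a CBC-first client away from
# CBC by reordering its own list; it has to remove the CBC entries.

def negotiate(client_prefs, server_prefs):
    """Return the first client-preferred algorithm the server supports, or None."""
    server_set = set(server_prefs)
    for alg in client_prefs:
        if alg in server_set:
            return alg
    return None  # no common algorithm: the connection fails


def is_cbc(alg):
    """SSH cipher names ending in '-cbc' are CBC-mode ciphers."""
    return alg.endswith("-cbc")


# Constructed lists (illustrative, not real product defaults).
CBC_FIRST_CLIENT = ["aes128-cbc", "3des-cbc", "aes128-ctr", "aes256-ctr", "arcfour"]
REORDERED_SERVER = ["aes128-ctr", "aes256-ctr", "arcfour", "aes128-cbc", "3des-cbc"]
CBC_FREE_SERVER = ["aes128-ctr", "aes256-ctr", "arcfour"]
CBC_ONLY_CLIENT = ["aes128-cbc", "3des-cbc"]


def audit(client_prefs, server_prefs):
    """Summarise what a client/server pair would negotiate."""
    chosen = negotiate(client_prefs, server_prefs)
    if chosen is None:
        return "no common cipher (connection fails)"
    return f"{chosen} ({'CBC' if is_cbc(chosen) else 'non-CBC'})"


if __name__ == "__main__":
    print("CBC-first client vs reordered server:", audit(CBC_FIRST_CLIENT, REORDERED_SERVER))
    print("CBC-first client vs CBC-free server: ", audit(CBC_FIRST_CLIENT, CBC_FREE_SERVER))
    print("CBC-only client vs CBC-free server:  ", audit(CBC_ONLY_CLIENT, CBC_FREE_SERVER))
```

The third case is the compatibility cost the thread describes: a client that supports only CBC cannot connect to a server that has dropped it, which is why the client side keeps all modes.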
