5 Nov
1997
5 Nov
'97
3:35 a.m.
Yo Jeremy! On Mon, 3 Nov 1997, Jeremy Porter wrote:
If you have a payload that is encrypted and signed, there is fundementally no reason for the application to know anything other than a magic cookie return address.
SSH keeps track, forever, of the remote IP address/key pair to prevent man-in-the-middle and trojan horse attacks. The authors mention in their material that it is an important defense. Check out http://www.cs.hut.fi/ssh for further info. RGDS GARY --------------------------------------------------------------------------- Gary E. Miller Rellim 2680 Bayshore Pkwy, #202 Mountain View, CA 94043-1009 gem@rellim.com Tel:+1(650)964-1186 Fax:+1(650)964-1176