[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: kerberosV telnet




Normally I like to answer inquiries, but it seems that Jef meets
answers with insults, so I don't see any reason to give him further
information.

Perry

Jef Poskanzer says:
> Perry Metzger:
> >Jef Poskanzer says:
> >> "That turns out not to be the case."  The version of CNS that we have
> >> doesn't have any encryption beyond DES.  4.4BSD telnet is basically
> >> identical to kerberosV telnet, and the only encryption it has is DES.
> >
> >The 4.4 telnet is NOT identical. Its much better code, has lots of
> >neat new capabilities that you probably want, is more modular, and the
> >versions I saw had hooks for D-H and the like, which is where most of
> >the work is -- you can get the D-H code from RSAREF and steal the IDEA
> >code from PGP; from there the changes are small.
> 
> I just did a diff -r between the Kerberos V telnet/telnetd/libtelnet
> and the 4.4BSD version.  From 1.5 MB of source code I get 40KB of diffs.
> In my book a 2% difference qualifies as basically identical.  Plus 90%
> of the diffs were memcpy/bcopy changes.
> 
> I know there are nice hooks in the code for adding new encryption
> and authentication modules.  I know it would be relatively easy to
> add IDEA and DH.  That's why I'm asking whether anyone has already
> done it.  Do you get it this time, or should I go for four?
> 
> Perry, why don't you let someone else reply this time?
> ---
> Jef