[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: kerberosV telnet



Perry Metzger:
>Jef Poskanzer says:
>> "That turns out not to be the case."  The version of CNS that we have
>> doesn't have any encryption beyond DES.  4.4BSD telnet is basically
>> identical to kerberosV telnet, and the only encryption it has is DES.
>
>The 4.4 telnet is NOT identical. Its much better code, has lots of
>neat new capabilities that you probably want, is more modular, and the
>versions I saw had hooks for D-H and the like, which is where most of
>the work is -- you can get the D-H code from RSAREF and steal the IDEA
>code from PGP; from there the changes are small.

I just did a diff -r between the Kerberos V telnet/telnetd/libtelnet
and the 4.4BSD version.  From 1.5 MB of source code I get 40KB of diffs.
In my book a 2% difference qualifies as basically identical.  Plus 90%
of the diffs were memcpy/bcopy changes.

I know there are nice hooks in the code for adding new encryption
and authentication modules.  I know it would be relatively easy to
add IDEA and DH.  That's why I'm asking whether anyone has already
done it.  Do you get it this time, or should I go for four?

Perry, why don't you let someone else reply this time?
---
Jef