ARP-spoofing defense
Michael L Torrie
torriem at chem.byu.edu
Wed Mar 14 14:45:50 MDT 2007
On Wed, 2007-03-14 at 14:12 -0600, Topher Fischer wrote:
> Well, this makes me wonder. Is there a standard way to configure ssh to
> use certificates, and for clients to maintain a list of trusted CAs and
> trusted certificates?
Well the theory of SSL certificates is that if you trust the root cert,
you trust the child certs. It's a flawed theory, obviously. Anyway, it
doesn't apply to ssh because ssh doesn't have a trust model. You either
trust a key or you don't. It's not like ssl where I trust your cert
because it's signed by someone else whom I trust.
Michael
>
> /*
> PLUG: http://plug.org, #utah on irc.freenode.net
> Unsubscribe: http://plug.org/mailman/options/plug
> Don't fear the penguin.
> */
More information about the PLUG
mailing list