On Wed, 14 May 2008, Micah Anderson wrote: > authenticity of the server. In other words, ssh sessions are not > compromised just because an adversary has the host keys (unless a MITM > is setup, in which case you need bot the host key and the authentication > key to perform a mitm attack).
Ok. But I do have one doubt: does the RNG bug affect SSH session IV generation? -- "One disk to rule them all, One disk to find them. One disk to bring them all and in the darkness grind them. In the Land of Redmond where the shadows lie." -- The Silicon Valley Tarot Henrique Holschuh -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
