Quoting Jeffrey Altman <[EMAIL PROTECTED]>:
> As for Telnet over SSL, which are you implementing:
>
> . Tim Hudson\'s hack (AUTH SSL)
>
> . The IETF\'s START_TLS
>
> ?
>
> Tim Hudson\'s hack does not prevent man in the middle
attacks and
> requires that user\'s submit their passwords to the
server (which may
> or may not have been compromised.) The START_TLS
protocol is the
> preferred method to implement.
Is there any open source telnetd\'s with START_TLS
support available, or is this something that should be
done?
Cheers,
Peter (from Sweden)
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
