Magosanyi Arpad wrote:
> A levelezőm azt hiszi, hogy Darren Reed a következőeket írta:
> []
> >
> > Bad crypto is worse than no crypto at all.
>
> Agreed. But low functionality crypto is not necessarily bad crypto.
> I guess we can stop here, because everyone seems to agree that having
> something already done is good, and no one seems to care about embedded
> systems (I also don't care about them).
>
> --
> GNU GPL: csak tiszta forrásból
I opened the discussion last year with the question of at least partially
securing log streams from very small, very cheap, very dumb access
switches. The market will soon be flooded with these PPOE-based devices
that attempt some sort of authentication on connection, and yes, they need
at least an authentication mechanism for their syslog records, to help the
syslog server resist DoS attacks. No, they do not need encryption. Hence
my very limited proposal that involves nothing more than chained MD5
hashing. This may indeed be a special case, but it's not true that
no-one in conventional networking cares about embedded systems.
--
Alex Brown http://www.msg.com/~abrown +1 617 504 8761
