Balazs Scheidler writes:
> > > I'm happy with SSL or TLS. (and btw, someone mentioned using ssh, what I had
> > > in mind was similar to the SSH2 transport layer)
> > 
> > Ah, then why not just use the ssh2 transport layer?  Designing a good crypto
> > protocol is a really hard job.
> > 
> 
> It's not available completely separately as a library like SSL is,
> and no SSH implementation is able to accept subprotocols running on
> the transport layer. (though lsh will be able to do so) 

I think in the SSH2 protocol it is easier to use subsystems instead of
replacing the userauth and connection layers. You probably need to
have flow control provided by the connection layer, and you also might
need user authentication provided by the userauth layer.

In the SSH2 protocol you can, after the connection has been established
and authenticated, request a connection to a specific subsystem that will
then start processing the packets. One of those subsystems is the
normal terminal access. Another one is the file transfer (sftp). I
think it will be quite easy to add new subsystems to all SSH2
implementations later. 
-- 
[EMAIL PROTECTED]                               Work : +358 303 9870
SSH Communications Security                  http://www.ssh.fi/
SSH IPSEC Toolkit                            http://www.ssh.fi/ipsec/
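
The subsystem request described in the message above, as an added example that is not part of the original post or of any SSH implementation's code: it encodes and strictly parses the channel request in the wire format later standardized in RFC 4254, and dispatches only to names on an allowlist. The `example-logs` subsystem name, the handler labels and the channel numbers are constructed for illustration.

```python
import struct

# Message numbers and field layout follow the SSH connection protocol (RFC 4254).
SSH_MSG_CHANNEL_REQUEST = 98
SSH_MSG_CHANNEL_SUCCESS = 99
SSH_MSG_CHANNEL_FAILURE = 100

def ssh_string(data: bytes) -> bytes:
    """SSH 'string': uint32 big-endian length followed by the bytes."""
    return struct.pack(">I", len(data)) + data

def build_subsystem_request(channel: int, name: str, want_reply: bool = True) -> bytes:
    """Client side: ask the peer to start subsystem `name` on an open channel."""
    return (bytes([SSH_MSG_CHANNEL_REQUEST]) + struct.pack(">I", channel)
            + ssh_string(b"subsystem") + bytes([want_reply])
            + ssh_string(name.encode("ascii")))

def _read_string(buf: bytes, off: int):
    if off + 4 > len(buf):
        raise ValueError("truncated length field")
    (n,) = struct.unpack_from(">I", buf, off)
    if off + 4 + n > len(buf):
        raise ValueError("string runs past end of packet")
    return buf[off + 4:off + 4 + n], off + 4 + n

def parse_subsystem_request(payload: bytes):
    """Return (channel, want_reply, name); reject anything malformed."""
    if len(payload) < 5 or payload[0] != SSH_MSG_CHANNEL_REQUEST:
        raise ValueError("not a channel request")
    (channel,) = struct.unpack_from(">I", payload, 1)
    rtype, off = _read_string(payload, 5)
    if rtype != b"subsystem" or off >= len(payload):
        raise ValueError("not a complete subsystem request")
    name, end = _read_string(payload, off + 1)
    if end != len(payload):
        raise ValueError("trailing bytes after subsystem name")
    return channel, payload[off] != 0, name.decode("ascii")

def dispatch(payload: bytes, registry: dict, peer_channel: int):
    """Server side: pick a handler from an allowlist; return (handler, reply)."""
    _, want_reply, name = parse_subsystem_request(payload)
    handler = registry.get(name)  # unknown names are refused, never executed
    code = SSH_MSG_CHANNEL_SUCCESS if handler else SSH_MSG_CHANNEL_FAILURE
    reply = bytes([code]) + struct.pack(">I", peer_channel) if want_reply else None
    return handler, reply

if __name__ == "__main__":
    registry = {"sftp": "sftp-handler", "example-logs": "log-handler"}  # constructed
    print(dispatch(build_subsystem_request(0, "example-logs"), registry, 7))
```

Because the request only arrives on a channel of an already authenticated connection, the handler inherits the transport's encryption, the userauth result and the connection layer's flow control.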
