From ietf-ssh-owner-secsh-archive=odin.ietf.org@netbsd.org Sat Feb 1 04:06:57 2003 Received: from mail.netbsd.org (mail.netbsd.org [155.53.1.253]) by ietf.org (8.9.1a/8.9.1a) with SMTP id EAA02089 for ; Sat, 1 Feb 2003 04:06:56 -0500 (EST) Received: (qmail 2627 invoked by uid 605); 1 Feb 2003 09:10:25 -0000 Delivered-To: ietf-ssh@netbsd.org Received: (qmail 2544 invoked from network); 1 Feb 2003 09:10:21 -0000 Received: from nbwww.isc.org (HELO narn.netbsd.org) (204.152.184.198) by mail.netbsd.org with SMTP; 1 Feb 2003 09:10:21 -0000 Received: from hotmail.com (unknown [200.71.8.9]) by narn.netbsd.org (Postfix) with SMTP id 714901113F for ; Sat, 1 Feb 2003 01:10:18 -0800 (PST) From: "La Sociedad Digital / A Sociedade Digital" To: (La Sociedad Digital) Subject: Comunicacion cientifica a la comunidad de Internet y de la Sociedad de la Informacion Mime-Version: 1.0 Content-Type: text/plain; charset="ISO-8859-1" Date: Sat, 1 Feb 2003 18:14:51 -0300 Reply-To: "La Sociedad Digital / A Sociedade Digital" Content-Transfer-Encoding: 8bit Message-Id: <20030201091018.714901113F@narn.netbsd.org> Sender: ietf-ssh-owner@netbsd.org Precedence: list Content-Transfer-Encoding: 8bit Versión español al frente, versión portuguesa a continuación, versión inglesa al final. ---------------------------------------------------------------------- ------------ Comunicación científica a la comunidad de Internet y a la comunidad de la Sociedad de la Información. La Sociedad Digital – www.sociedaddigital.org / www.asociedadedigital.org La presente comunicación tiene como objetivo informar a la comunidad de Internet y a la comunidad de la Sociedad de la Información las novedades de los últimos meses del Proyecto La Sociedad Digital. La Sociedad Digital es un proyecto abierto a la comunidad de Internet y de la Sociedad de la Información en el ámbito iberoamericano principalmente, pero no restringido exclusivamente a él. Se trata de la creación del primer espacio de convergencia para los especialistas de habla castellana y portuguesa, bajo la forma de un Portal de la Sociedad de la Información (www.sociedaddigital.org / www.asociedadedigital.org). La estructuración de este espacio comprende, en primer lugar, una subdivisión por áreas temáticas consideradas trascendentes para el desarrollo de la Sociedad de la Información, tales como lengua, brecha digital, gobierno digital, estudios especiales, legislación, situación por países, etc. Una segunda subdivisión apunta a elementos de interactividad como noticias, proyectos, observatorios de información, etc. que apuntan a generar un espacio de intercambio y sinergia entre los especialistas de la región, en la búsqueda de modelos de aplicación y resultados de investigaciones, para que todos sus participantes puedan beneficiarse, construyendo, entre todos, el espacio de la Sociedad de la Información en su tránsito hacia la Sociedad del Conocimiento. Invitamos, en consecuencia, a todos, a visitar el Portal, integrarse, enviar sus aportes intelectuales y usar todos los recursos en él disponibles, los que son, por supuesto, de uso libre y gratuito. (www.sociedaddigital.org / www.asociedadedigital.org). Pueden comunicarse a info@sociedaddigital.org. Todos los comentarios, aportes y observaciones serán bienvenidos. Muy cordialmente, El Presidente del Consejo de Directores de La Sociedad Digital, Prof. Dr. Ricardo Petrissans de Aguilar ricardo@sociedaddigital.org La presente comunicación se realiza por única vez. Se trata de una comunicación científica destinada a los miembros de la Comunidad Científica Iberoamericana. En caso que este mensaje sea considerado por su receptor como carente de interés, rogamos se sirva deletear el mismo. Muchas gracias. __________________________________________________ Comunicação Científica à comunidade da Internet e à Comunidade da Sociedade da Informação. La Sociedad Digital comunica aos usuários da Internet e à comunidade da Sociedade da Informação La Sociedad Digital - www.sociedaddigital.org / www.asociedadedigital.org A presente comunicação tem como objetivo informar à comunidade da Internet e à Comunidade da Sociedade da Informação as novidades dos últimos meses do Projeto da Sociedade Digital. La Sociedad Digital é um projeto aberto à comunidade da Internet e à Sociedade da Informação no âmbito ibero-americano, principalmente, porém não restrito exclusivamente a ele. Trata-se da criação do primeiro espaço de convergência para os especialistas de idioma castelhano e português, sob a forma de um Portal da Sociedade da Informação (www.sociedaddigital.org / www.asociedadedigital.org). A estruturação deste espaço compreende, em primeiro lugar, uma subdivisão por áreas temáticas, consideradas transcendentes para o desenvolvimento da Sociedade da Informação, tais como idioma, brecha digital, governo digital, estudos especiais, legislação, situação por país, etc. Uma segunda subdivisão aponta para elementos de interatividade como notícias, projetos, observatórios de informação, etc., no sentido de gerar um espaço de intercâmbio e sinergia entre os especialistas da região, na busca de modelos de aplicação e resultados de investigações, para que todos seus participantes possam se beneficiar, construindo entre todos o espaço da Sociedade da Informação em seu trânsito até a Sociedade do Conhecimento. Convidamos, então, a todos para uma visita ao Portal, para se integrarem, enviar suas contribuições intelectuais e usar todos os recursos nele disponíveis, que são de uso livre e gratuito. (www.sociedaddigital.org / www.asociedadedigital.org). Para se comunicarem, utilizem info@sociedaddigital.org Todos os comentários, contribuições e observações serão bem-vindos. Cordialmente Prof. Dr. Ricardo Petrissans de Aguilar Presidente do Conselho de Diretores de La Sociedad Digital ricardo@sociedaddigital.org A presente comunicação se realiza uma única vez. Trata-se de comunicação científica destinada aos membros da Comunidade Científica Ibero-americana. Caso esta mensagem seja considerada pelo receptor como carente de interesse, pedimos que seja deletada. Muito obrigado. ________________________________________________________________ Scientific message to the Internet Community and to the Information Society Community. The Digital Society – www.sociedaddigital.org / www.asociedadedigital.org This message has the objective of informing the Internet Community and the Information Society Community the latest news about The Digital Society Project. The Digital Society is a project open mainly to the Internet Community and the Information Society Community in Latin American, however without restrictions to any other countries or regions in the world. It is about the creation of the first forum to portuguese and spanish speaking specialists, under the structure of an internet gate (www.sociedaddigital.org / www.asociedadedigital.org). The structure of this space is divided, in its first level, into areas considered of extreme importance to the development of the Information Society, such as language, (brechas digitais), e-Government, special studies, legislation and country information. On a second level, there are interactive elements such as news, special projects and information centres designed to promote interchanges and synergy between regional specialists, always searching for new models, applications and research results, benefiting all users and paving the road between the Information Society and the Knowledge Society. Therefore, we invite everyone to visit the Internet site, integrate yourself in the community, contribute with your knowledge and use all free available resources. Our address : (www.sociedaddigital.org / www.asociedadedigital.org). Please send any queries and comments to info@sociedaddigital.org. All comments, queries and contributions are welcome. Cordially, President of the Digital Society Board of Directors Ricardo Petrissans de Aguilar, MSc, PhD. ricardo@sociedaddigital.org This message will only be sent once, since it is intended to be directed to the members of the Latin America Scientific Community. If it is not of your interest, please delete it. Thank you for your time and attention. From ietf-ssh-owner-secsh-archive=odin.ietf.org@netbsd.org Sat Feb 1 09:50:26 2003 Received: from mail.netbsd.org (mail.netbsd.org [155.53.1.253]) by ietf.org (8.9.1a/8.9.1a) with SMTP id JAA07108 for ; Sat, 1 Feb 2003 09:50:26 -0500 (EST) Received: (qmail 19264 invoked by uid 605); 1 Feb 2003 14:53:56 -0000 Delivered-To: ietf-ssh@netbsd.org Received: (qmail 19257 invoked from network); 1 Feb 2003 14:53:56 -0000 Received: from law-cs1.hotmail.com (209.185.130.56) by mail.netbsd.org with SMTP; 1 Feb 2003 14:53:56 -0000 Received: (from root@localhost) by law-cs1.hotmail.com (8.9.3/8.9.3) id GAA11660 for ietf-ssh@netbsd.org; Sat, 1 Feb 2003 06:53:55 -0800 (PST) Date: Sat, 1 Feb 2003 06:53:55 -0800 (PST) Message-Id: <200302011453.GAA11660@law-cs1.hotmail.com> From: MSN Hotmail To: ietf-ssh@netbsd.org Subject: A funny game MIME-Version: 1.0 X-Originating-IP: [209.185.130.56] Content-Type: TEXT/PLAIN; charset=iso-8859-1 Content-transfer-encoding: 8bit Sender: ietf-ssh-owner@netbsd.org Precedence: list Content-Transfer-Encoding: 8bit This is an auto-generated response designed to answer your question as quickly as possible. Please note that you will not receive a reply if you respond directly to this message. We hope the directions below answer your question. If after following the directions your problem is still unresolved, please click the link to the Hotmail Customer Support form at the end of this message to submit your issue and a Customer Support Representative will help you. MSN Hotmail WebCourier is an online content delivery service that enables you to request that rich, graphical e-mail messages be delivered daily to your Inbox. Check regularly for additions because Hotmail constantly adds new titles to this list. >>> To subscribe to WebCourier 1. On the right side of the page in the top light blue section, click "Free Newsletters". 2. On the "WebCourier FREE Subscriptions" page, scroll down to see the list of possible subscriptions. 3. Select the check box next to each service to which you want to subscribe. 4. Click "OK" to subscribe to these services. >>> To unsubscribe from WebCourier 1. On the right side of the page in the top light blue section, click "Free Newsletters". 2. On the WebCourier FREE Subscriptions" page, clear the check box next to each service to which you're subscribed. 3. Click "OK" to unsubscribe to these services. If you do not see an unsubscribe link in the web browser, you are receiving this newsletter delivery from another system. You should contact them for removal. ************************* Please note: Hotmail reserves the right to delete unread newsletters from your inbox. ************************* ************************* Still Didn't Solve Your Problem? Complete the Hotmail Customer Support request form at: http://www.hotmail.com/cgi-bin/support Remember that MSN Hotmail also has comprehensive online help available--just click "Help" in the upper right corner. From ietf-ssh-owner-secsh-archive=odin.ietf.org@netbsd.org Fri Feb 7 18:29:10 2003 Received: from mail.netbsd.org (mail.netbsd.org [155.53.1.253]) by ietf.org (8.9.1a/8.9.1a) with SMTP id SAA24790 for ; Fri, 7 Feb 2003 18:29:09 -0500 (EST) Received: (qmail 1046 invoked by uid 605); 7 Feb 2003 23:32:42 -0000 Delivered-To: ietf-ssh@netbsd.org Received: (qmail 1039 invoked from network); 7 Feb 2003 23:32:41 -0000 Received: from nwkea-mail-2.sun.com (192.18.42.14) by mail.netbsd.org with SMTP; 7 Feb 2003 23:32:41 -0000 Received: from eastmail2bur.East.Sun.COM ([129.148.13.40]) by nwkea-mail-2.sun.com (8.9.3+Sun/8.9.3) with ESMTP id PAA05999 for ; Fri, 7 Feb 2003 15:32:39 -0800 (PST) Received: from thunk.east.sun.com (thunk.East.Sun.COM [129.148.174.66]) by eastmail2bur.East.Sun.COM (8.12.2+Sun/8.12.2/ENSMAIL,v2.2) with ESMTP id h17NWd5f025021 for ; Fri, 7 Feb 2003 18:32:39 -0500 (EST) Received: from thunk (localhost [127.0.0.1]) by thunk.east.sun.com (8.12.6+Sun/8.12.6) with ESMTP id h17NWcwj021107 for ; Fri, 7 Feb 2003 18:32:39 -0500 (EST) Message-Id: <200302072332.h17NWcwj021107@thunk.east.sun.com> From: Bill Sommerfeld To: ietf-ssh@netbsd.org Subject: WGLC ending 2/21/03: draft-ietf-secsh-auth-kbdinteract-04.txt Reply-to: sommerfeld@east.sun.com Date: Fri, 07 Feb 2003 18:32:38 -0500 Sender: ietf-ssh-owner@netbsd.org Precedence: list This is a WORKING GROUP LAST-CALL for draft-ietf-secsh-auth-kbdinteract-04.txt last call will end 2/21/2003 Send comments on the documents to this list. - Bill From ietf-ssh-owner-secsh-archive=odin.ietf.org@netbsd.org Fri Feb 7 18:30:31 2003 Received: from mail.netbsd.org (mail.netbsd.org [155.53.1.253]) by ietf.org (8.9.1a/8.9.1a) with SMTP id SAA24856 for ; Fri, 7 Feb 2003 18:30:30 -0500 (EST) Received: (qmail 2412 invoked by uid 605); 7 Feb 2003 23:33:54 -0000 Delivered-To: ietf-ssh@netbsd.org Received: (qmail 2358 invoked from network); 7 Feb 2003 23:33:52 -0000 Received: from nwkea-mail-2.sun.com (192.18.42.14) by mail.netbsd.org with SMTP; 7 Feb 2003 23:33:52 -0000 Received: from eastmail2bur.East.Sun.COM ([129.148.13.40]) by nwkea-mail-2.sun.com (8.9.3+Sun/8.9.3) with ESMTP id PAA06881 for ; Fri, 7 Feb 2003 15:33:51 -0800 (PST) Received: from thunk.east.sun.com (thunk.East.Sun.COM [129.148.174.66]) by eastmail2bur.East.Sun.COM (8.12.2+Sun/8.12.2/ENSMAIL,v2.2) with ESMTP id h17NXp5f025228 for ; Fri, 7 Feb 2003 18:33:51 -0500 (EST) Received: from thunk (localhost [127.0.0.1]) by thunk.east.sun.com (8.12.6+Sun/8.12.6) with ESMTP id h17NXpwj021122 for ; Fri, 7 Feb 2003 18:33:51 -0500 (EST) Message-Id: <200302072333.h17NXpwj021122@thunk.east.sun.com> From: Bill Sommerfeld To: ietf-ssh@netbsd.org Subject: WGLC ending 2/21/2003: draft-ietf-secsh-publickeyfile-03.txt Reply-to: sommerfeld@east.sun.com Date: Fri, 07 Feb 2003 18:33:51 -0500 Sender: ietf-ssh-owner@netbsd.org Precedence: list This is a WORKING GROUP LAST CALL ending on 2/21/2003 for draft-ietf-secsh-publickeyfile-03.txt Send comments to this list. From ietf-ssh-owner-secsh-archive=odin.ietf.org@netbsd.org Fri Feb 7 18:31:24 2003 Received: from mail.netbsd.org (mail.netbsd.org [155.53.1.253]) by ietf.org (8.9.1a/8.9.1a) with SMTP id SAA24894 for ; Fri, 7 Feb 2003 18:31:23 -0500 (EST) Received: (qmail 3709 invoked by uid 605); 7 Feb 2003 23:35:01 -0000 Delivered-To: ietf-ssh@netbsd.org Received: (qmail 3702 invoked from network); 7 Feb 2003 23:35:00 -0000 Received: from kathmandu.sun.com (192.18.98.36) by mail.netbsd.org with SMTP; 7 Feb 2003 23:35:00 -0000 Received: from eastmail1bur.East.Sun.COM ([129.148.9.49]) by kathmandu.sun.com (8.9.3+Sun/8.9.3) with ESMTP id QAA25975 for ; Fri, 7 Feb 2003 16:34:59 -0700 (MST) Received: from thunk.east.sun.com (thunk.East.Sun.COM [129.148.174.66]) by eastmail1bur.East.Sun.COM (8.12.2+Sun/8.12.2/ENSMAIL,v2.2) with ESMTP id h17NYx4t000726 for ; Fri, 7 Feb 2003 18:34:59 -0500 (EST) Received: from thunk (localhost [127.0.0.1]) by thunk.east.sun.com (8.12.6+Sun/8.12.6) with ESMTP id h17NYxwj021145 for ; Fri, 7 Feb 2003 18:34:59 -0500 (EST) Message-Id: <200302072334.h17NYxwj021145@thunk.east.sun.com> From: Bill Sommerfeld To: ietf-ssh@netbsd.org Subject: WGLC ending 2/21/2003: draft-ietf-secsh-dns-02.txt Reply-to: sommerfeld@east.sun.com Date: Fri, 07 Feb 2003 18:34:59 -0500 Sender: ietf-ssh-owner@netbsd.org Precedence: list This is a WORKING GROUP LAST CALL ending 2/21/2003 for draft-ietf-secsh-dns-02.txt Send comments on this document to the list. - Bill From ietf-ssh-owner-secsh-archive=odin.ietf.org@netbsd.org Tue Feb 11 06:46:11 2003 Received: from mail.netbsd.org (mail.netbsd.org [155.53.1.253]) by ietf.org (8.9.1a/8.9.1a) with SMTP id GAA28702 for ; Tue, 11 Feb 2003 06:46:10 -0500 (EST) Received: (qmail 1648 invoked by uid 605); 11 Feb 2003 11:49:51 -0000 Delivered-To: ietf-ssh@netbsd.org Received: (qmail 1640 invoked from network); 11 Feb 2003 11:49:50 -0000 Received: from odin.ietf.org (HELO ietf.org) (132.151.1.176) by mail.netbsd.org with SMTP; 11 Feb 2003 11:49:50 -0000 Received: from CNRI.Reston.VA.US (localhost [127.0.0.1]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id GAA28668; Tue, 11 Feb 2003 06:46:05 -0500 (EST) Message-Id: <200302111146.GAA28668@ietf.org> Mime-Version: 1.0 Content-Type: Multipart/Mixed; Boundary="NextPart" To: IETF-Announce: ; Cc: ietf-ssh@netbsd.org From: Internet-Drafts@ietf.org Reply-to: Internet-Drafts@ietf.org Subject: I-D ACTION:draft-ietf-secsh-agent-01.txt Date: Tue, 11 Feb 2003 06:46:05 -0500 Sender: ietf-ssh-owner@netbsd.org Precedence: list --NextPart A New Internet-Draft is available from the on-line Internet-Drafts directories. This draft is a work item of the Secure Shell Working Group of the IETF. Title : Secure Shell Authentication Agent Protocol Author(s) : D. Moffat, T. Rinne, S. Lehtinen Filename : draft-ietf-secsh-agent-01.txt Pages : 11 Date : 2003-2-10 This document describes the Secure Shell authentication agent protocol (i.e., the protocol used between a client requesting authentication and the authentication agent). This protocol usually runs in a machine-spe- cific local channel or over a forwarded authentication channel. It is assumed that the channel is trusted, so no protection for the communica- tions channel is provided by this protocol. A URL for this Internet-Draft is: http://www.ietf.org/internet-drafts/draft-ietf-secsh-agent-01.txt To remove yourself from the IETF Announcement list, send a message to ietf-announce-request with the word unsubscribe in the body of the message. Internet-Drafts are also available by anonymous FTP. Login with the username "anonymous" and a password of your e-mail address. After logging in, type "cd internet-drafts" and then "get draft-ietf-secsh-agent-01.txt". A list of Internet-Drafts directories can be found in http://www.ietf.org/shadow.html or ftp://ftp.ietf.org/ietf/1shadow-sites.txt Internet-Drafts can also be obtained by e-mail. Send a message to: mailserv@ietf.org. In the body type: "FILE /internet-drafts/draft-ietf-secsh-agent-01.txt". NOTE: The mail server at ietf.org can return the document in MIME-encoded form by using the "mpack" utility. To use this feature, insert the command "ENCODING mime" before the "FILE" command. To decode the response(s), you will need "munpack" or a MIME-compliant mail reader. Different MIME-compliant mail readers exhibit different behavior, especially when dealing with "multipart" MIME messages (i.e. documents which have been split up into multiple messages), so check your local documentation on how to manipulate these messages. Below is the data which will enable a MIME compliant mail reader implementation to automatically retrieve the ASCII version of the Internet-Draft. --NextPart Content-Type: Multipart/Alternative; Boundary="OtherAccess" --OtherAccess Content-Type: Message/External-body; access-type="mail-server"; server="mailserv@ietf.org" Content-Type: text/plain Content-ID: <2003-2-10133008.I-D@ietf.org> ENCODING mime FILE /internet-drafts/draft-ietf-secsh-agent-01.txt --OtherAccess Content-Type: Message/External-body; name="draft-ietf-secsh-agent-01.txt"; site="ftp.ietf.org"; access-type="anon-ftp"; directory="internet-drafts" Content-Type: text/plain Content-ID: <2003-2-10133008.I-D@ietf.org> --OtherAccess-- --NextPart-- From ietf-ssh-owner-secsh-archive=odin.ietf.org@netbsd.org Tue Feb 11 12:28:51 2003 Received: from mail.netbsd.org (mail.netbsd.org [155.53.1.253]) by ietf.org (8.9.1a/8.9.1a) with SMTP id MAA12339 for ; Tue, 11 Feb 2003 12:28:50 -0500 (EST) Received: (qmail 12267 invoked by uid 605); 11 Feb 2003 17:32:30 -0000 Delivered-To: ietf-ssh@netbsd.org Received: (qmail 12260 invoked from network); 11 Feb 2003 17:32:29 -0000 Received: from adsl-64-123-27-105.dsl.austtx.swbell.net (HELO pyramid.twistedmatrix.com) (64.123.27.105) by mail.netbsd.org with SMTP; 11 Feb 2003 17:32:29 -0000 Received: from adsl-64-123-27-105.dsl.austtx.swbell.net ([64.123.27.105] helo=Moo) by pyramid.twistedmatrix.com with esmtp (Exim 3.35 #1 (Debian)) id 18iWmT-0007Yi-00; Tue, 11 Feb 2003 03:32:46 -0600 From: "Paul Swartz" To: Internet-Drafts@ietf.org Date: Tue, 11 Feb 2003 12:31:17 -0500 MIME-Version: 1.0 Subject: Re: I-D ACTION:draft-ietf-secsh-agent-01.txt CC: ietf-ssh@netbsd.org Message-ID: <3E48ED15.29864.1C9C76@localhost> In-reply-to: <200302111146.GAA28668@ietf.org> X-mailer: Pegasus Mail for Windows (v4.02) Content-type: text/plain; charset=US-ASCII Content-transfer-encoding: 7BIT Content-description: Mail message body Sender: ietf-ssh-owner@netbsd.org Precedence: list Content-Transfer-Encoding: 7BIT 4.1. Requesting Agent Forwarding Shouldn't agent forwarding be requested with a MSG_GLOBAL_REQUEST rather than creating a channel, since the auth-agent-req channel is never used (from what I see). -p -- Paul Swartz (o_ http://twistedmatrix.com/users/z3p.twistd/ //\ z3p@twistedmatrix.com V_/_ AIM: Z3Penguin From ietf-ssh-owner-secsh-archive=odin.ietf.org@netbsd.org Thu Feb 13 18:00:57 2003 Received: from mail.netbsd.org (mail.netbsd.org [155.53.1.253]) by ietf.org (8.9.1a/8.9.1a) with SMTP id SAA17419 for ; Thu, 13 Feb 2003 18:00:57 -0500 (EST) Received: (qmail 6627 invoked by uid 605); 13 Feb 2003 23:04:37 -0000 Delivered-To: ietf-ssh@netbsd.org Received: (qmail 6620 invoked from network); 13 Feb 2003 23:04:36 -0000 Received: from wellington.concentric.net (HELO wellington.cnchost.com) (207.155.252.14) by mail.netbsd.org with SMTP; 13 Feb 2003 23:04:36 -0000 Received: from Nucleus (AS-92-31.dial-up.siol.net [213.250.5.31]) by wellington.cnchost.com id SAA10994; Thu, 13 Feb 2003 18:04:35 -0500 (EST) [ConcentricHost SMTP Relay 1.15] From: "denis bider" To: Subject: ssh channel window size: before or after compression? Date: Fri, 14 Feb 2003 00:04:30 +0100 Message-ID: <000601c2d3b4$45248330$c500a8c0@Nucleus> MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit X-Priority: 3 (Normal) X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook, Build 10.0.2627 Importance: Normal X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2800.1106 Sender: ietf-ssh-owner@netbsd.org Precedence: list Content-Transfer-Encoding: 7bit Hello everyone, there is a noble and widespread SSH2/SFTP implementation on the market which happens to work quite nicely with servers such as OpenSSH, but miraculously fails with our own server whenever it attempts to upload a large, highly compressible file. The error that occurs is that the client sends more data to the channel than allowed for by the window size, which our implementation considers a gross violation of SSH2 flow control, and therefore disconnects the offender without undue hesitation. After looking at the latest secsh-connect document, my theory is that the Offending Application (tm) interprets channel window size to apply to data AFTER rather than before compression. So it joyfully sends a 10k compressed chunk of data thinking all is nice and dandy, but when on the other end after decompression this balloons into 100k, our server frowns and says no-no. Now, given that SSH2 compression is defined in secsh-transport, whereas channels and windows are all higher level structures defined in secsh-connect, it appears very reasonable to assume that channel window size applies to data that is sent INTO a channel, i.e. BEFORE compression, rather than to packetized compressed data as it comes out of the transport layer. However, this is nowhere explicitly stated in secsh-connect, and apparently this is also not how a few other implementations, including but not limited to Offending Application, understand things to be. Otherwise, the Offending Application should have a problem uploading that file not only to our server, but also e.g. to OpenSSH - yet with OpenSSH it works just fine. So, my question to the folks here gathered is: who is right? Should channel window size be applied to data as it is being sent into a channel, BEFORE compression (yay!), or should it be applied to data as it comes out compressed from the SSH2 transport layer (yuck!)? Further, assuming window size applies BEFORE compression, why don't servers other than ours bounce the Offending Application as it vehemently attempts to send more than it is supposed to? I very much look forward to your enlightened replies. Best regards, denis From ietf-ssh-owner-secsh-archive=odin.ietf.org@netbsd.org Fri Feb 14 02:39:27 2003 Received: from mail.netbsd.org (mail.netbsd.org [155.53.1.253]) by ietf.org (8.9.1a/8.9.1a) with SMTP id CAA12570 for ; Fri, 14 Feb 2003 02:39:27 -0500 (EST) Received: (qmail 27137 invoked by uid 605); 14 Feb 2003 07:43:09 -0000 Delivered-To: ietf-ssh@netbsd.org Received: (qmail 27130 invoked from network); 14 Feb 2003 07:43:07 -0000 Received: from p50852b9a.dip0.t-ipconnect.de (HELO tickit.tick-it.de) (80.133.43.154) by mail.netbsd.org with SMTP; 14 Feb 2003 07:43:07 -0000 Received: from [192.168.1.102] ([192.168.1.102]) by tickit.tick-it.de (8.11.6/8.11.6) with ESMTP id h1E8DPG20060; Fri, 14 Feb 2003 09:13:26 +0100 Subject: Re: ssh channel window size: before or after compression? From: Jon Bright To: denis bider Cc: ietf-ssh@netbsd.org In-Reply-To: <000601c2d3b4$45248330$c500a8c0@Nucleus> References: <000601c2d3b4$45248330$c500a8c0@Nucleus> Content-Type: text/plain Content-Transfer-Encoding: 7bit X-Mailer: Ximian Evolution 1.0.8 (1.0.8-10) Date: 14 Feb 2003 08:43:19 +0100 Message-Id: <1045208600.20636.9.camel@prak> Mime-Version: 1.0 Sender: ietf-ssh-owner@netbsd.org Precedence: list Content-Transfer-Encoding: 7bit Hi, Since the channels layer can't possibly know if/what kind of compression the transport layer's using, my opinion would be that the only possible way to interpret it is that window sizes refer to uncompressed data. Also, all packets are compressed, whereas window sizes refer only to channel data. On Fri, 2003-02-14 at 00:04, denis bider wrote: > > So, my question to the folks here gathered is: who is right? Should ...so my view on this would be that you are. > Further, assuming window size applies BEFORE compression, why don't > servers other than ours bounce the Offending Application as it > vehemently attempts to send more than it is supposed to? One possibility is that you're using a portable OpenSSH v3.1(?) or so on Linux with the privsep stuff, where compression isn't supported, thereby obviating the problem. Check whether compression's actually negotiated for your test connection... -- Jon Bright Lead Programmer, Silicon Circus Ltd. http://www.siliconcircus.com/ From ietf-ssh-owner-secsh-archive=odin.ietf.org@netbsd.org Fri Feb 14 09:48:24 2003 Received: from mail.netbsd.org (mail.netbsd.org [155.53.1.253]) by ietf.org (8.9.1a/8.9.1a) with SMTP id JAA23777 for ; Fri, 14 Feb 2003 09:48:23 -0500 (EST) Received: (qmail 29599 invoked by uid 605); 14 Feb 2003 14:52:06 -0000 Delivered-To: ietf-ssh@netbsd.org Received: (qmail 29592 invoked from network); 14 Feb 2003 14:52:05 -0000 Received: from mail023.syd.optusnet.com.au (210.49.20.162) by mail.netbsd.org with SMTP; 14 Feb 2003 14:52:05 -0000 Received: from home (c17156.sunsh3.vic.optusnet.com.au [211.28.122.16]) by mail023.syd.optusnet.com.au (8.11.6/8.11.6) with SMTP id h1EEq3006760 for ; Sat, 15 Feb 2003 01:52:04 +1100 Date: Sat, 15 Feb 2003 01:52:55 +1100 From: Glenn McGrath To: ietf-ssh@netbsd.org Subject: define string Message-Id: <20030215015255.3dd97ffd.bug1@optushome.com.au> X-Mailer: Sylpheed version 0.8.9claws48 (GTK+ 1.2.10; i386-debian-linux-gnu) Mime-Version: 1.0 Content-Type: multipart/signed; protocol="application/pgp-signature"; micalg="pgp-sha1"; boundary="=.868P2?TI1fbC.k" Sender: ietf-ssh-owner@netbsd.org Precedence: list --=.868P2?TI1fbC.k Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit Section 5.1 of draft-ietf-secsh-transport-15.txt describes the format of the payload of binary packet used to negotiate the algorithms, namely byte SSH_MSG_KEXINIT byte[16] cookie (random bytes) string kex_algorithms string server_host_key_algorithms string encryption_algorithms_client_to_server string encryption_algorithms_server_to_client string mac_algorithms_client_to_server string mac_algorithms_server_to_client string compression_algorithms_client_to_server string compression_algorithms_server_to_client string languages_client_to_server string languages_server_to_client I havent read this RFC before, nor have a played with the code of any ssh software, when looking at these fields i just assumed string was a sequence of printable characters terminated by a '\0'. By trying to talk to openssh and lsh servers i worked out a string is char string_length char *string char extra_terminators[3] I understand why string_length is there, its can make it easier to handle the string, but why are there three extra '\0' terminators ? Irrespective of the reasoning i think the format of the string should be documented somewhere, im sure im not the only person who has been caught by this. I thought maybe there was a RFC that defined standard types for all RFC's, such as there is for standard terms (RECOMMENDS, SHOULD etc), i searched but didnt find anything. Thanks Glenn --=.868P2?TI1fbC.k Content-Type: application/pgp-signature -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.1 (GNU/Linux) iD8DBQE+TQLYWWZyfXiLlL8RAnzcAJ4g8u97oznSZA9XDL+VySWKGf+I/wCfdtp3 2n3WHWSzUiiw/I8C+xBGkuc= =U/7+ -----END PGP SIGNATURE----- --=.868P2?TI1fbC.k-- From ietf-ssh-owner-secsh-archive=odin.ietf.org@netbsd.org Fri Feb 14 09:57:15 2003 Received: from mail.netbsd.org (mail.netbsd.org [155.53.1.253]) by ietf.org (8.9.1a/8.9.1a) with SMTP id JAA23952 for ; Fri, 14 Feb 2003 09:57:14 -0500 (EST) Received: (qmail 8399 invoked by uid 605); 14 Feb 2003 15:00:57 -0000 Delivered-To: ietf-ssh@netbsd.org Received: (qmail 8392 invoked from network); 14 Feb 2003 15:00:56 -0000 Received: from ixion.tartarus.org (195.149.39.210) by mail.netbsd.org with SMTP; 14 Feb 2003 15:00:56 -0000 Received: from simon by ixion.tartarus.org with local (Exim 3.35 #1 (Debian)) id 18jhKS-00058x-00; Fri, 14 Feb 2003 15:00:40 +0000 X-Mailer: Jed/Timber v0.2 From: Simon Tatham To: ietf-ssh@netbsd.org In-Reply-To: <20030215015255.3dd97ffd.bug1@optushome.com.au> Subject: Re: define string Message-Id: Date: Fri, 14 Feb 2003 15:00:40 +0000 Sender: ietf-ssh-owner@netbsd.org Precedence: list Glenn McGrath wrote: > By trying to talk to openssh and lsh servers i worked out a string is > > char string_length > char *string > char extra_terminators[3] > > I understand why string_length is there, its can make it easier to > handle the string, but why are there three extra '\0' terminators ? > > Irrespective of the reasoning i think the format of the string should be > documented somewhere It is. Look in draft-ietf-secsh-architecture-13.txt, which contains general material which applies to more than one of the transport, userauth and connect drafts: string Arbitrary length binary string. Strings are allowed to contain arbitrary binary data, including null characters and 8-bit characters. They are stored as a uint32 containing its length (number of bytes that follow) and zero (= empty string) or more bytes that are the value of the string. Terminating null characters are not used. Strings are also used to store text. In that case, US-ASCII is used for internal names, and ISO-10646 UTF-8 for text that might be displayed to the user. The terminating null character SHOULD NOT normally be stored in the string. For example, the US-ASCII string "testing" is represented as 00 00 00 07 t e s t i n g. The UTF8 mapping does not alter the encoding of US-ASCII characters. In other words, your `three extra terminators' are actually part of the 32-bit length field of the _next_ string. Hope that helps, Simon -- Simon Tatham "Thieves respect property; they only wish the property to be their own, that they may more properly respect it." From ietf-ssh-owner-secsh-archive=odin.ietf.org@netbsd.org Tue Feb 18 00:03:34 2003 Received: from mail.netbsd.org (mail.netbsd.org [155.53.1.253]) by ietf.org (8.9.1a/8.9.1a) with SMTP id AAA09263 for ; Tue, 18 Feb 2003 00:03:34 -0500 (EST) Received: (qmail 967 invoked by uid 605); 18 Feb 2003 05:07:15 -0000 Delivered-To: ietf-ssh@netbsd.org Received: (qmail 960 invoked from network); 18 Feb 2003 05:07:15 -0000 Received: from one.elistx.com (209.116.252.130) by mail.netbsd.org with SMTP; 18 Feb 2003 05:07:15 -0000 Received: from ogud.com (pcp816081pcs.nrockv01.md.comcast.net [68.49.60.118]) by eListX.com (PMDF V6.0-025 #44856) with ESMTP id <0HAH00N45NKT1P@eListX.com> for ietf-ssh@netbsd.org; Tue, 18 Feb 2003 00:07:41 -0500 (EST) Received: from ENGILL.ogud.com (ns.dc.ogud.com [10.20.30.6]) by ogud.com (8.12.3/8.12.3) with ESMTP id h1I54hts023643; Tue, 18 Feb 2003 00:04:51 -0500 (EST envelope-from ogud@ogud.com) Date: Tue, 18 Feb 2003 00:06:16 -0500 From: =?iso-8859-1?Q?=D3lafur?= =?iso-8859-1?Q?_Gu=F0mundsson?= Subject: Re: WGLC ending 2/21/2003: draft-ietf-secsh-dns-02.txt In-reply-to: <200302072334.h17NYxwj021145@thunk.east.sun.com> X-Sender: post@localhost To: sommerfeld@east.sun.com, ietf-ssh@netbsd.org Message-id: <5.1.1.6.2.20030218000516.016fa350@localhost> MIME-version: 1.0 X-Mailer: QUALCOMM Windows Eudora Version 5.1.1 Content-type: text/plain; format=flowed; charset=us-ascii Sender: ietf-ssh-owner@netbsd.org Precedence: list At 18:34 2003-02-07, Bill Sommerfeld wrote: >This is a WORKING GROUP LAST CALL ending 2/21/2003 for > > draft-ietf-secsh-dns-02.txt > >Send comments on this document to the list. > > - Bill This document looks good and I support it's advancement. Olafur From ietf-ssh-owner-secsh-archive=odin.ietf.org@netbsd.org Thu Feb 20 21:08:57 2003 Received: from mail.netbsd.org (mail.netbsd.org [155.53.1.253]) by ietf.org (8.9.1a/8.9.1a) with SMTP id VAA06374 for ; Thu, 20 Feb 2003 21:08:56 -0500 (EST) Received: (qmail 25096 invoked by uid 605); 21 Feb 2003 02:12:40 -0000 Delivered-To: ietf-ssh@netbsd.org Received: (qmail 25089 invoked from network); 21 Feb 2003 02:12:39 -0000 Received: from nwkea-mail-2.sun.com (192.18.42.14) by mail.netbsd.org with SMTP; 21 Feb 2003 02:12:39 -0000 Received: from eastmail1bur.East.Sun.COM ([129.148.9.49]) by nwkea-mail-2.sun.com (8.9.3+Sun/8.9.3) with ESMTP id SAA04182; Thu, 20 Feb 2003 18:12:38 -0800 (PST) Received: from thunk.east.sun.com (thunk.East.Sun.COM [129.148.174.66]) by eastmail1bur.East.Sun.COM (8.12.2+Sun/8.12.2/ENSMAIL,v2.2) with ESMTP id h1L2Cb4t021000; Thu, 20 Feb 2003 21:12:37 -0500 (EST) Received: from thunk (localhost [127.0.0.1]) by thunk.east.sun.com (8.12.8+Sun/8.12.8) with ESMTP id h1L2Cbaj006356; Thu, 20 Feb 2003 21:12:37 -0500 (EST) Message-Id: <200302210212.h1L2Cbaj006356@thunk.east.sun.com> From: Bill Sommerfeld To: ietf-ssh@netbsd.org cc: smb@research.att.com, jis@mit.edu Subject: IESG feedback on core drafts. Reply-to: sommerfeld@east.sun.com Date: Thu, 20 Feb 2003 21:12:37 -0500 Sender: ietf-ssh-owner@netbsd.org Precedence: list Some time ago I mentioned that the core drafts were being held up due to concerns about the security considerations section. I've just gotten feedback from Steve Bellovin (security co-AD). He states that in his opinion, the security consideration section is inadequate and should be rewritten along the lines described in draft-iab-sec-cons-03.txt including: ".. a discussion of the limitations of the protocol, the countermeasures, and the residual vulnerabilities. Looking just at the architecture document, it says (in that section) nothing about the risks from users accepting unknown host keys. The information is present in diffuse form in 3.1, but it isn't spelled out clearly in one spot. A possible countermeasure would be some way for a logged-in user to then verify the fingerprint, in a way that a clever mitm proxy would find hard to mimic. Similarly, the draft says little about the security of the endpoint being important. It's not any one thing; it's that I'd really like SEC-area documents to be better than average, and this isn't up to the standards that I, at least, have been demanding of documents from other areas." WG members interested in forward progress of the core drafts should take the time to read draft-iab-sec-cons-03 and send suggested text to the list.. - Bill From ietf-ssh-owner-secsh-archive=odin.ietf.org@netbsd.org Mon Feb 24 06:46:56 2003 Received: from mail.netbsd.org (mail.netbsd.org [155.53.1.253]) by ietf.org (8.9.1a/8.9.1a) with SMTP id GAA09233 for ; Mon, 24 Feb 2003 06:46:55 -0500 (EST) Received: (qmail 14093 invoked by uid 605); 24 Feb 2003 11:50:41 -0000 Delivered-To: ietf-ssh@netbsd.org Received: (qmail 14086 invoked from network); 24 Feb 2003 11:50:39 -0000 Received: from odin.ietf.org (HELO ietf.org) (132.151.1.176) by mail.netbsd.org with SMTP; 24 Feb 2003 11:50:39 -0000 Received: from CNRI.Reston.VA.US (localhost [127.0.0.1]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id GAA09188; Mon, 24 Feb 2003 06:46:44 -0500 (EST) Message-Id: <200302241146.GAA09188@ietf.org> Mime-Version: 1.0 Content-Type: Multipart/Mixed; Boundary="NextPart" To: IETF-Announce: ; Cc: ietf-ssh@netbsd.org From: Internet-Drafts@ietf.org Reply-to: Internet-Drafts@ietf.org Subject: I-D ACTION:draft-ietf-secsh-dh-group-exchange-03.txt Date: Mon, 24 Feb 2003 06:46:44 -0500 Sender: ietf-ssh-owner@netbsd.org Precedence: list --NextPart A New Internet-Draft is available from the on-line Internet-Drafts directories. This draft is a work item of the Secure Shell Working Group of the IETF. Title : Diffie-Hellman Group Exchange for the SSH Transport Layer Protocol Author(s) : M. Friedl, N. Provos, W. Simpson Filename : draft-ietf-secsh-dh-group-exchange-03.txt Pages : 8 Date : 2003-2-21 This memo describes a new key exchange method for the SSH protocol. It allows the SSH server to propose to the client new groups on which to perform the Diffie-Hellman key exchange. The proposed groups need not be fixed and can change with time. A URL for this Internet-Draft is: http://www.ietf.org/internet-drafts/draft-ietf-secsh-dh-group-exchange-03.txt To remove yourself from the IETF Announcement list, send a message to ietf-announce-request with the word unsubscribe in the body of the message. Internet-Drafts are also available by anonymous FTP. Login with the username "anonymous" and a password of your e-mail address. After logging in, type "cd internet-drafts" and then "get draft-ietf-secsh-dh-group-exchange-03.txt". A list of Internet-Drafts directories can be found in http://www.ietf.org/shadow.html or ftp://ftp.ietf.org/ietf/1shadow-sites.txt Internet-Drafts can also be obtained by e-mail. Send a message to: mailserv@ietf.org. In the body type: "FILE /internet-drafts/draft-ietf-secsh-dh-group-exchange-03.txt". NOTE: The mail server at ietf.org can return the document in MIME-encoded form by using the "mpack" utility. To use this feature, insert the command "ENCODING mime" before the "FILE" command. To decode the response(s), you will need "munpack" or a MIME-compliant mail reader. Different MIME-compliant mail readers exhibit different behavior, especially when dealing with "multipart" MIME messages (i.e. documents which have been split up into multiple messages), so check your local documentation on how to manipulate these messages. Below is the data which will enable a MIME compliant mail reader implementation to automatically retrieve the ASCII version of the Internet-Draft. --NextPart Content-Type: Multipart/Alternative; Boundary="OtherAccess" --OtherAccess Content-Type: Message/External-body; access-type="mail-server"; server="mailserv@ietf.org" Content-Type: text/plain Content-ID: <2003-2-21161327.I-D@ietf.org> ENCODING mime FILE /internet-drafts/draft-ietf-secsh-dh-group-exchange-03.txt --OtherAccess Content-Type: Message/External-body; name="draft-ietf-secsh-dh-group-exchange-03.txt"; site="ftp.ietf.org"; access-type="anon-ftp"; directory="internet-drafts" Content-Type: text/plain Content-ID: <2003-2-21161327.I-D@ietf.org> --OtherAccess-- --NextPart--