[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Monotone-devel] a cryptographic note to the folks working on .nuskool
From: |
Zack Weinberg |
Subject: |
[Monotone-devel] a cryptographic note to the folks working on .nuskool |
Date: |
Mon, 4 Feb 2008 12:36:36 -0500 |
The present netsync protocol uses a cryptographic primitive (RSA
decryption) that isn't supported by ssh-agent.¹ This is why you get
prompted for your passphrase on 'mtn sync' even if your key is already
loaded into the agent.
In implementing the new network protocol, please consider making the
crypto handshake require *only* RSA/DSA signatures, as that is the
only primitive that seems to be universally supported by ssh-agent.
I'm not sure how to do that, but evidently ssh itself does, so it must
be possible.
zw
¹ The protocol has reserved numbers for RSA decryption, but in
searching around trying to find the details of those packets, what
kept coming up was "not implemented" stubs. :-(
- [Monotone-devel] a cryptographic note to the folks working on .nuskool,
Zack Weinberg <=