| WIKI | FAQ | Tech FAQ | |
 http://csua.com/feed/ | |
| ||||||
| 2001/5/26-28 [Computer/SW/Security] UID:21366 Activity:insanely high |
5/25 If IPv6 encrypts everything (IPSec) as part of the standard, does this
mean protocols like ssh would no longer be required? Will IPv6 allow
telnet and ftp and other cleartext password protocols to live on?
What use would there be for ssh if IPv6 was everywhere?
\- i realize i am "begging the hypothetical" but the "if ipv6
was everywhere [and interoperating nicely, with reasonable key
management, and transparancy]" is a pretty big if. "if ksh does
everything sh does and more, why do we still have sh?" etc. --psb
\_ It's a good question. I think the answer is mostly just
inertia and history.
\_ there will always be a need for application-level security
\_ What does ssh do for me that ipsec doesn't? IPv6 encrypts, it
compresses, QoS, and lots of other funs things. What does ssh
get me in a pure IPv6 world? (Yes, I know this will take a while
to happen, that's not my query). Don't get me wrong. I love
ssh and use it for all sorts of stuff. I'm just not seeing a
big role for it in IPv6.
\_ Authentication?
\_ I think a telnet prompt with memorised password is better
auth than the keys-on-disk ssh standard auth. I can steal
your private key. I can't read your mind.
\_ you can require a key on disk, and protect the
key with a passphrase
\_ Is stealing someone's private key easier than reading
their password out of the password file?
\_ Yes. And can be more useful.
\_ Of course -my- private key is encrypted. Go ahead and
steal it. As for memorized password, it can be easily
stolen as well with a use of a trojaned client or
server, and I have seen this happen many times.
\_ So you unencrypt your key before each use? Uh huh.
If the server or client is trojaned all is lost
anyway so it hardly matters what you use at that
point, does it?
\_ This is not true in general. It's easy to
authenticate yourself without revealing
your private key.
\_ Yes, man ssh-agent. And if your are not using
ssh-agent, then yes, you need to decrypt the
key every time you use it. Ssh client does this
for you. And yes, this is more secure because
you don't have to send neither your password
nor your private key to the remote ssh server.
\_ I think you don't understand how ssh-agent
or ssh itself works. ssh-agent is a local
key manager that makes it so you don't have
to retype your passphrase over and over for
each new connection. Nothing more. I'd
like to hear your explanation of how it
auths to the server without sending any
info.
\_ do you even know what PKI means?
\_ Same question: how are you doing auth
without sending someone something?
\_ i was speaking more broadly, e.g. SSL too. the main use
of app-level security is authentication and integrity
of data between app-level (not system-level) principals.
\_ Is something like app-level ssl necessary when the
underlying protocol (IPv6 in this case) deal with it?
\_ yes, particularly for distributed systems. not
only are there app-level principals that are not
known at the system level to auth/authz, but
you also want to reduce the extent of damage when
one part fails.
\_ Agent system, agent forwarding, x11 forwarding...
\_ BTW, IPSec has nothing to do with IPv6. Implementations of both
for *BSD systems happen to be codevelped by the same people
(kame.net), but IPv6 !=, is not a superset of, does not imply,
whathaveyou, IPSec.
\_ Well, true, but what I read implied that IPv6 is assumed to use
IPSec by default. |
| 2001/5/26-28 [Politics/Domestic/California, Politics/Domestic/Immigration] UID:21367 Activity:insanely high |
5/25 Russia introduced a flat tax of 13% last year. Am I the only one who
finds that ironic? (Tax revenue was up 70% this year, btw).
\_ Why is this ironic? Econ 1A.
\_ It's ironic because the former bastion of communism has learned
the lessons of capitalism better than the United States has.
\_ your argument will/would make more sense when and
if Russia becomes a place human beings actually
enjoy living in. Do you read the newspaper?
Russia is a lawless hellhole. The United States
is not (yet).
\_ RUSSIA IS AN EVIL COMMIE LIBERAL COUNTRY
\_ Russia was never a place suitable for the enjoyment of
human beings. It never will be. What's that got to do
with it? Are you trying to imply that the IRS is the
source of American prosperity? Surely, you jest.
\_ THE IRS IS AN EVIL COMMIE LIBERAL ORGANIZATION
\_ what funds the government? little fluffy
clouds?
\_ CLOUDS ARE EVIL COMMIE LIBERAL WATER VAPORS.
\_ You think the government is the source of American
prosperity? Who cares what funds the government?
The government is not what makes this country great.
The government only holds us back from being even
greater. Had some pork lately? Pay your taxes like
a good little boy and run along. Why do all you
lefties think the government is capable of improving
your life or anyone's life?
\_ GOVERNMENT IS AN EVIL COMMIE LIBERAL IDEA.
DOWN WITH AMERICAN GOVERNMENT!
\_ I haven't posted on this thread yet, but yes
I do think the government deserves a lot of
credit for our prosperity. I came to this
country as an immigrint with nothing. I was
able to attend excellent public schools from
grades 1-12 and then I received a scholarship
to the best public university in the world.
After graduating I was able to contribute
to a variety of companies some of which are
doing quite well. Now I am in graduate school
supported by a fellowship. A good deal of
our country's success in technology can be
traced to government programs like education
which take people like me who would otherwise
be flipping burgers due to lack of education
and turns them into scientists and engineers.
Although I would obviously prefer to pay less
taxes, I am happy to pay my taxes every year
because I'm grateful for the benefits I've
received.
\_ PUBLIC SCHOOLS ARE EVIL COMMIE LIBERAL
THINGS. BANNISH PUBLIC SCHOOLS! IMMIGRANTS
AND IMMIGRATION ARE EVIL COMMIE LIBERAL
THINGS. BAN BOTH OF THEM!
\_ Amen, brother.
\_ Glad you got a piece of what me and so many
others have had sucked from their wallets for
so many years. How much of my money goes
straight to welfare for the extended families
of immigrants who came here to do nothing with
themselves as opposed to the rare few who did
something useful such as yourself? How about
_this_ story? _Their_ taxes helped put _you_
through school. Be ashamed. And oh yeah...
"Amen, brother", but for them, not you.
http://seattletimes.nwsource.com/html/nationworld/134299780_family27.html
\_ The American government has the ability
to enforce contracts and thus promotes much
legitimate commerce. This is because it has
a very strong judiciary and a credible
encforcement capacity. The Russian government
hasn't quite figured any of this out yet
and so is incapable of creating an environment
where people improve their own lives.
\_ INTERNATION RELATIONS ARE EVIL COMMIE
LIBERAL THINGS. FUCK INTERNATIONAL RELATIONS
\_ you are free to move to a nice place without
a legitimate government (or taxes)... like Angola.
\_ Nice strawman. Could you explain the correlation in
your mind between taking 50% of my income and freedom
as a citizen? Thank you.
\_ Who's taking 50% of your income?
\_ sure! what do you think supports all your freedoms
in america? harsh language? the good will of
the people? I really do think we enjoy more freedom
in america than in other countries with near
anarchy and no taxes. if you're trying to
argue that the progressive tax is wrong, that's
another argument, i will have to go do some reading.
\_ The government doesn't create freedom. The US
Constitution does by *limiting the powers of the
Federal Government*. The government, by it's very
nature restricts freedom. And yes, the progressive
tax is wrong. There's no reason to take a greater
percentage *and* a greater absolute amount from one
citizen and give it to another. I support sales and
usage taxes (such as bridge tolls) which is a system
where only those using the service pay the tax. I
am strongly opposed to any form of income tax. The
progressive income tax is only one step shy of a
total confiscatory "tax". I *really* don't like
hearing elected reps in federal government saying
"no one needs more than $X amount a year". That's
none of their god damned business. As if they'd
have a clue what a citizen needs anyway. Career
politicians know nothing about the people.
\_ When will people learn? Communism == mobilizing a nation's
economy through command-control pervasively controlling
every aspect of life, including thought and media (like
1984). Communism != tax. Communism is evil (at least to
Americans) because it violates the very principles of the
Bill of Rights but it has nothing to do with taxes.
\_ It seems like you might be confusing the philosophy with
an implementation of that philosophy....
\_ Communism is evil because communism is a slave system where
the government effectively owns the people. The tax rate
is meaningless when you're owned by the state.
\_ Nah. They just read some basic econ books. BTW, Feinstein
voted in favor of the miniscule Bush tax cut. |