[Cryptography] Why aren’t we using SSH for everything?
bascule at gmail.com
Sun Jan 4 01:14:38 EST 2015
On Sat, Jan 3, 2015 at 8:48 PM, Christoph Anton Mitterer <
calestyo at scientia.net> wrote:
> I don't see any reason why SSH should be weaker than anything else. In
> fact it is not.
It's not because SSH supports an X.509-like CA system
> No one forces users to blindly trust a remote host key on first
> encountering it, that's why there are fingerprints and people should
> validate those - if people are stupid and don't validate them, well then
> you can't help such folks.
Do you actually verify key fingerprints, and if so, how?
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the cryptography