No, I just think 15 years or so is more than enough time to have addressed the issue. On Thu, Mar 26, 2015 at 14:05:08 -0700, Dan Kaminsky wrote:> So, this isn't your problem and you don't respect the people's whose > problem it is. > > On Thu, Mar 26, 2015 at 12:43 PM, Iain Morgan <imorgan at nas.nasa.gov> wrote: > > > On Thu, Mar 26, 2015 at 11:55:18 -0700, Dan Kaminsky wrote: > > > You're right. My argument the is the next build of OpenSSH should be > > > OpenSSH 7, and the one after that 8, then 9, then 10. No minor releases? > > > Sure, go ahead. Deprecate the point, > > > > > > Do you manage any machines running SSHv1? > > > > > > > If by "running" you mean accepting SSH1, of course not. From a security > > perspective, no one should be using SSH1. > > > > For those who, for whatever reason, need to support systems that only > > support SSH1, there are already sufficient solutions that have been > > noted multiple times on this list. > > > > Those who are still using SSH1 have already demonstrated the fact that > > they are slow to embrace new technology, so I would not be surprised to > > find that the majority of them are also slow to upgrade to newer > > versions of OpenSSH. I would also not be surprised to find that many of > > them are still using telnet to manage their routers. > > > > -- > > Iain Morgan > >-- Iain Morgan
Do you have a problem with 15 year old cars? On Thu, Mar 26, 2015 at 3:12 PM, Iain Morgan <imorgan at nas.nasa.gov> wrote:> No, I just think 15 years or so is more than enough time to have > addressed the issue. > > On Thu, Mar 26, 2015 at 14:05:08 -0700, Dan Kaminsky wrote: > > So, this isn't your problem and you don't respect the people's whose > > problem it is. > > > > On Thu, Mar 26, 2015 at 12:43 PM, Iain Morgan <imorgan at nas.nasa.gov> > wrote: > > > > > On Thu, Mar 26, 2015 at 11:55:18 -0700, Dan Kaminsky wrote: > > > > You're right. My argument the is the next build of OpenSSH should be > > > > OpenSSH 7, and the one after that 8, then 9, then 10. No minor > releases? > > > > Sure, go ahead. Deprecate the point, > > > > > > > > Do you manage any machines running SSHv1? > > > > > > > > > > If by "running" you mean accepting SSH1, of course not. From a security > > > perspective, no one should be using SSH1. > > > > > > For those who, for whatever reason, need to support systems that only > > > support SSH1, there are already sufficient solutions that have been > > > noted multiple times on this list. > > > > > > Those who are still using SSH1 have already demonstrated the fact that > > > they are slow to embrace new technology, so I would not be surprised to > > > find that the majority of them are also slow to upgrade to newer > > > versions of OpenSSH. I would also not be surprised to find that many of > > > them are still using telnet to manage their routers. > > > > > > -- > > > Iain Morgan > > > > > -- > Iain Morgan >
Non sequitor. On Thu, Mar 26, 2015 at 15:27:27 -0700, Dan Kaminsky wrote:> Do you have a problem with 15 year old cars? > > On Thu, Mar 26, 2015 at 3:12 PM, Iain Morgan <imorgan at nas.nasa.gov> wrote: > > > No, I just think 15 years or so is more than enough time to have > > addressed the issue. > > > > On Thu, Mar 26, 2015 at 14:05:08 -0700, Dan Kaminsky wrote: > > > So, this isn't your problem and you don't respect the people's whose > > > problem it is. > > > > > > On Thu, Mar 26, 2015 at 12:43 PM, Iain Morgan <imorgan at nas.nasa.gov> > > wrote: > > > > > > > On Thu, Mar 26, 2015 at 11:55:18 -0700, Dan Kaminsky wrote: > > > > > You're right. My argument the is the next build of OpenSSH should be > > > > > OpenSSH 7, and the one after that 8, then 9, then 10. No minor > > releases? > > > > > Sure, go ahead. Deprecate the point, > > > > > > > > > > Do you manage any machines running SSHv1? > > > > > > > > > > > > > If by "running" you mean accepting SSH1, of course not. From a security > > > > perspective, no one should be using SSH1. > > > > > > > > For those who, for whatever reason, need to support systems that only > > > > support SSH1, there are already sufficient solutions that have been > > > > noted multiple times on this list. > > > > > > > > Those who are still using SSH1 have already demonstrated the fact that > > > > they are slow to embrace new technology, so I would not be surprised to > > > > find that the majority of them are also slow to upgrade to newer > > > > versions of OpenSSH. I would also not be surprised to find that many of > > > > them are still using telnet to manage their routers. > > > > > > > > -- > > > > Iain Morgan > > > > > > > > -- > > Iain Morgan > >-- Iain Morgan