Subject: Re: ssh - are you nuts?!?
To: Dan Riley <>
From: Mipam <>
List: tech-security
Date: 12/21/2000 22:00:20
> While it is tempting to believe ssh must be better than secure telnet
> because ssh was designed with security in mind, this is a really *bad*
> argument in a security context--there have been plenty of protocols
> supposedly designed with security in mind that actually sucked badly,
> while telnet is generally well designed and very flexible.  You have
> to judge the protocols on their actual merits (which in the case of
> secure telnet means reading rfcs 2941 - 2953, especially rfc2941 and
> rfc2946), rather than the perceived merits of their parentage.

Sure, i agree with you.
I never said that i'll believe programs/protocolls etc are secure cause
security has been allrdy in the design. Such a thing needs extensive testing.
It also depends very much on the implementation and more. 
And as you allrdy mentioned,
it's very bad to just believe in the security of products etc,
Cause it make ppl to confident and careless, which is the mother
of vulnerability.
However, ssh2 is to become a standard, secure telnet isnt.
So compatibility will be an issue, or am i wrong here?