Subject: Re: rfc2228 in ftpd
To: Jaromir Dolecek <>
From: None <>
List: tech-security
Date: 07/01/2002 15:29:29
>I do not believe in this kind of reasoning. How many people out
>there are using S/Key ? 1% of people or less? So while there people
>would know they are vulnerable, rest could have had better sleep.
>And hackers would have tough time to _find_ vulnerable server,
>even if they'd find the problem.

	i guess the problem is not how many users are using s/key, but how many
	of installed systems that has it turned on (most of the openssh
	installation shipped with it turned on).