Hiya, On 03/12/2020 00:32, Scott Bradner wrote:
any prediction son what % of future IoT implementations would drop telnet if the IETF moves the spec to historic?
That's a fair point. (And why I said it'd be credible but didn't say I'd help with the I-D:-) On 03/12/2020 00:41, Michael Richardson wrote:
Replacing telnet with ssh and still using passwords that never get changed is less secure in my opinion. You mention "sshd_config", but frankly, if you knew how to do that, then you wouldn't have the problem in the first place.
I don't agree. If we assume the system developer is careless, then it's easier to recover from such a careless developer if they misused ssh than if they misused telnet I'd say. S.
Attachment:
OpenPGP_0x5AB2FAF17B172BEA.asc
Description: application/pgp-keys
Attachment:
OpenPGP_signature
Description: OpenPGP digital signature
