Once you have established an SSH relationship the protocol allows you to determine with a high degree of confidence that you are connecting to the same end point in future. That is not a perfect security control but it is a very useful one. It is a much more useful control than any provided by infrastructure that is not deployed. On Fri, Feb 26, 2010 at 3:58 AM, Masataka Ohta <mohta@xxxxxxxxxxxxxxxxxxxxxxxxxx> wrote: > Phillip Hallam-Baker wrote: > >> SSH is not a bad security protocol. It provides a very high level of >> protection against high probability risks with little or no impact on >> the user. There is a narrow window of vulnerability to a man in the >> middle attack. > > As a security researcher, I can teach you that the security you > observe is not of SSH but of return routability. > > Return routability over many third party ISPs is not 'verifiable', > of course. > > Masataka Ohta > > > -- -- New Website: http://hallambaker.com/ View Quantum of Stupid podcasts, Tuesday and Thursday each week, http://quantumofstupid.com/ _______________________________________________ Ietf mailing list Ietf@xxxxxxxx https://www.ietf.org/mailman/listinfo/ietf