security
Martin Atkins
mart at degeneration.co.uk
Tue Oct 24 07:05:08 UTC 2006
James A. Donald wrote:
> Scott Kveton wrote:
> > Can folks give me an example of something that was
> > completely secure from day one and that got
> > wide-spread adoption?
>
> SSH was designed to be completely secure from day one,
> and except for the usual bugs, was.
>
> In contrast, we have *never* entirely succeeded in
> retroactively cobbling security on top of a protocol
> that was not designed from the beginning to be secure -
> in particular, secure modes for telnet, the primary
> competitor of SSH, never really worked.
>
> Because SSH has only one mode, and that mode secure, the
> user will seldom see an "are you sure" dialog, and is
> therefore not trained to click through that dialog.
>
I would argue that part of SSH's success in relation to other SSL-based
solutions is that it is not fundamentally based on certificates, and so
there's much less overhead to bootstrapping yourself; I just apt-get
install ssh and the package generates me a server keypair automatically;
I don't have to go through the arduous process of either getting a cert
or self-signing my own, and I don't get clients bitching at me every
time I log in because my cert is self-signed. It just works.
One of the main reasons why I don't use SSL on servers more is that SSL
— whatever protocol is bundled inside it — is generally a pain in the ass.