12 sats \ 0 replies \ @hn OP 16 Dec 2023
This link was posted by kieto 2 hours ago on HN. It received 140 points and 73 comments.
42 sats \ 0 replies \ @k00b 16 Dec 2023
TIL one of QUIC's bigger selling points is reducing crypto negotiation roundtrips.
0 sats \ 0 replies \ @orthzar 17 Dec 2023 freebie
This is really not a good idea, because it allows rogue/negligent Certificate Authorities to masquerade as your server. With SSHv2, nobody can masquerade as your server, unless they somehow steal your server's privkey.
The claim in the above quote (that SSHv2 is less secure) refers to the fact that you have to manually verify the server's pubkey/fingerprint, which a lot of people don't do. That isn't insecure; it's just inconvenient. SSH3's solution is more convenient and, in fact, less secure.
Fortunately, you don't have to use X.509 certificates in SSHv3, so this is only a security problem for people who don't understand TLS's PKI (which is a lot of people).