Re: Telnet Encryption Specification
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Telnet Encryption Specification
> "Theodore Y. Ts'o" <tytso at MIT.EDU> writes:
>
> >> The fix for this would be to use CBC(*), but that has the down side of
> >> being slower and requiring more bytes on the wire, since telnet is a
> >> character-at-a-time protocol, and CBC requiers that you block data into
> >> 8 byte chunks. (The advantage of CFB and OFB is that they work well
> >> with streaming protocols.)
>
> Just as a point of reference, I regularly use ssh (which has quite a
> bit of overhead) for interactive traffic over a modem, and I can't
> detect any difference in latency over a non-protected connection. I
> think the days where we need to worry about the extra overhead are
> also over.
>
> Marc
>
However, file transfers over a Kerberos Telnet connection from a
166 MHz Pentium to a rather fast Sparc system run at about 60% of the
speed of an unencrypted connection. This is due entirely to the
overhead of the encryption. So I don't think the cost are completely
irrelevant.
Jeffrey Altman * Sr.Software Designer * Kermit-95 for Win32 and OS/2
The Kermit Project * Columbia University
612 West 115th St #716 * New York, NY * 10025 * (212) 854-1344
http://www.columbia.edu/kermit/k95.html * kermit-support at columbia.edu
Note Well: Messages sent to this mailing list are the opinions
of the senders and do not imply endorsement by the IETF.
Note: Messages sent to this list are the opinions of the senders and do not imply endorsement by the IETF.
