Ethereal-dev: Re: [Ethereal-dev] RADIUS's "Message Authenticator"

Note: This archive is from the project's previous web site, ethereal.com. This list is no longer active.

Date Index Thread Index Other Months All Mailing Lists
Date Prev Date Next Thread Prev Thread Next
From: "Ronnie Sahlberg" <sahlberg@xxxxxxxxxxxxxxxx>
Date: Tue, 26 Mar 2002 23:08:42 +1100
Hi,
Thanks for your input

----- Original Message -----
From: "Adam"
Sent: Tuesday, March 26, 2002 9:12 PM
Subject: Re: [Ethereal-dev] RADIUS's "Message Authenticator"


>
> I have seen lots of ppl speaking. Unfortunatelly I'm not sure sure who's
> who, so not sure how many, or if any, of those ppl with cvs write acces
> spoke up here. Who I would assume are the lead developers here :-)

That would probably be Guy since he is the most active maintainer.

>
> The way I see having OpenSSL part of Ethereal is great step forward as
> incresingly more and more protcols are using some form of crytography
> either for authentication and/or secure exchange of data. And increasing
> number of protcols is being layered over those. With advent of wireless
> networks withere you can't even pretend you have physical wire security,
> we can expect see even more of them. For example speaking of EAP alone,
> there are already 3 different ways to use SSL for authentication
> (EAP-TLS,TEAP,PEAP(#18)), and there are other 32 authentication schemes
> for EAP under development.
>
> So it would be convenient to have access to full crytographic suite here,
> and not have to duplicate it inside of Ethereal sources. And this suite
> would be openssl which consist of libssl and libcryto, which provides both
> set of crytographic functions as well TLS implemented on top of them.
>
> In the short term future, the interest is in reassembly of data being
> passed over ssl layer. For me it would mean being able to have accepted
> the patch which started the thread, as well possible LEAP patches in
> future.
>
> Comments?
>

I agree. Including linking with OpenSSL would open very interesting avenues
for new ettercap-similar
features. Though the problem is the licence. If we start making exceptions
to the licence when it suits us, what
right have we to complain if someone else makes other exceptions we would
not like?

I myself is fully in support for adding these features and also if possible
doing this by linking with OpenSSL since we would then not need to
reimplement all the stuff ourself.
My opinion in the matters little though.

My personal view is that we could start carefully adding support for OpenSSL
perhaps only on the platforms that provide it as standard with the OS,
namely some Linux and BSD distros.
Then we could add it to the others where OpenSSL is available as an option
as well.
If someone complains we can then either back the OpenSSL support out or try
to reimplement OpenSSL ourself if need be and there is sufficient demand.


I hereby give my permisson to link whatever GPL code i have contributed to
ethereal in the past and all code I will contribute in the future that I
allow my code to be linked with whatever other non-GPL open source library
there might be in order to enhance the functionality of ethereal.