Re: Issue 5.1) SSH End of message directive

[Ed Roskos <ed.roskos@utstar.com>]

Wes Hardaker wrote:
> > > > > > On Thu, 19 Feb 2004 17:36:28 -0500, "Gilbert Gagnon" <gagnong@nortelnetworks.com> said:
>
>
> Gilbert> P.S. The framing constructs should never use the same
> Gilbert> syntactic conventions as the data it frames...
>
> The nice thing about BER and other length encoding rules is that what
> is inside can be ignored by the parser above.  Looking for a special
> "string" inside the data to know that a frame has ended means anything
> underneath MUST escape the magic string or else the framing parser
> will get rather confused assuming its simple and isn't doing complete
> verification.  If the framing parser were a real parser, it would
> realize it was inside a CDATA section and ignore the illegal
> end-of-frame marker.

I agree with these sentiments, but here is the gotcha.
If we are talking about HTTP, any SOAP binding to a protocol,
etc., such framing is handled without a hitch by definition, and
in a way that a programming interface can be written to work
without human intervention.

But SSH, as I see it, must fill a particular need, and that is
scripting.  How do you explain to someone that they cannot just
cut-and-paste, they must calculate bytes for the message, while
they are playing around getting their scripts right in the first
pass?

What we need for SSH is a simple way to stream in your messages
which does not introduce possible security breaches.  I think
we pretty much have such a method.

--
to unsubscribe send a message to netconf-request@ops.ietf.org with
the word 'unsubscribe' in a single line as the message text body.
archive: <http://ops.ietf.org/lists/netconf/>