Content-Type: text/plain
Content-Disposition: inline
Content-Transfer-Encoding: binary
MIME-Version: 1.0
X-Mailer: MIME-tools 5.411 (Entity 5.404)
RT-Send-CC:
X-RT-Original-Encoding: iso-8859-1
Content-Length: 676

[tlyu - Wed Apr 16 19:40:57 2003]:

> Do we want an option to allow for "server subkey wins"?

RFC1510 and clarifications pretty much leave subkey negotiation to the
applications.
To stay true to this the APIs could allow an application-provided
callback function
to produce the local and remote sub-keys given the proposed sub-keys
from the
AP exchange as input.

> Are there any applications currently depending on the functionality of
> unidirectional subsession keys?

Er, well, I suspect not, but if the default mkr_req/mk_rep behaviour
changes apps
would break, no?  What about older kcmd?  Is there a reflection attack
there if
unidirectional keys are not used?

Nico