(Professor Kube - Just sending you a mid-quarter update on how our SSH project is coming along this quarter as you provided valuable information at the start of our project last quarter.) Gang - I'll be out of touch till Saturday evening as I'm flying out today to interview with The Evil Empire up in Seattle. --- Windows SSH Meeting Notes Sunday, February 8th, 1998 (Tim, Doug, Mike) Monday, February 9th, 1998 (Professor Yee, Doug, Tim AND MIKE!) Optimistic Goal =============== - I wanted a pre-alpha version of the Windows SSH client that does a succesful connection and exchange of keys ready to go in two weeks. Hopefully we'll have some of the VT100 stuff also implemented by then. This is extremely optimistic, but with the end of the quarter rapidly approaching, I'm pushing the team to greater efforts. :) Notes: ====== - Mike finally manages to join our weekly meeting with Yee. :) - Professor Yee gave a brief overview on the aspects of "privacy/integrity" that concern the computer security field - used the one time cipher pad as an example of a cryptosystem that offers very little guarantee on the integrity of the data. He also points out the importance of not developing tunnel vision. While it may be possible using several thousands of computers to break a key, your privacy can probably be more easily circumvented with people who peer over your shoulder as you type in your password. - Yee grilled us on some aspects of Big O as they relate to cryptography. :) We all started blankly till he explained, where we all then went "Oooohhh!". - Asked Yee for a good cryptography book. He suggests Stinson's "Cryptography" rather than the more popular "Applied Cryptography". - The Java group is starting to show signs of life again... :) Progress Report =============== 980212 Thursday - Excellent progress to report as Doug and I have been on fire. - I finally broke down and bought the O'Reilly and Associates book "termcap and terminfo" after the documentation this is publicly available on the web regarding terminals proved to be inadequate. After an hour of reading I now have a pretty clear understanding on how terminals work and how to go about doing the VT100 emulation. - I've also created an abstract secure shell class that cracks the binary packet that is used in secure shell and also packet creation functions. Also started using cryptlib to provide some of the cryptographic functions that are needed. - Doug has gotten a grasp on how Winsockets are used in MFC via the CSocket abstraction class. Personally I felt it was convuluted and unfortunately the poor documentation that comes with Visual C++ didn't help. Regardless Doug has started writing the various functions that we will be using to stream data coming in and out. - Mike is starting to merge his GUI code involving the various dialog option boxes into the main source tree. Code merges haven't been too painful as Doug and I have been merging our code fairly often - and we're also working in different files. Regardless CVS rocks! :) Highly reccomended. 980202 Sunday - Mike has various dialog boxes, menus, and toolbar ready to go and merged into the source. - CVS is finally implemented. A brief demo on how source will be controlled and also stressed the importance of modularity. The first code merge will happen next week during the meeting (the best time to do them we decided). - The Teraterm source has been a god send and Doug has been using it as a basis on how to organize his portion of the project (networking/ssh). - Doug and I worked out briefly how our two parts will interact. Though this will most likely change as we explore and code further. 980130 - Discussed various strategies in splitting the project up into three blocks that could be worked by each individual. Convinced Mike that it would be a bad idea to have a Dialog Box based app. Here's how we finally split it up: - Core SSH/Network - Doug. As Doug is the most familiar with MFC he gets to tackle this portion. As Professor Yee suggested earlier in the quarter, we'll be abstracting out the SSH stuff into a non-os specific portion that could be used on other platforms. - Document / View - Me. We'll be using the MFC "Document/View" architecture which defines specific classes - "Document" is where data should be stored and the "View" class does all the "drawing". As such, the "View" class will also do the various vt100/tty terminal emulation. - Dialog Boxes / GUI - Mike. As Mike is not pursuing the 199 he did get a easy but crucial portion. He'll be designing all the various Menus, Toolbars, Status Bars, and Dialog Boxes. I'm sure he'll finish this fairly quickly though to then he can work on something else. - Two threads will be used. One for mainly the networking stuff and the other for everything else. - Originally it was on the wish list for the product to double also as a telnet app if a SSH connection was unavailable; after looking through the Telnet spec we're deciding against this at present time. - Source control will partially be done through CVS. Tim's computer will be used as a server for the master source repository. CVS's inability to handle binary files prevents it's use for the whole project. - At present we have a bare bones project file. As we have code to add to the master source repository we do so and check it in. Brainstormed and added a series of global variables < 980130 -Examine the three crypto libraries Cryto++, Cryptlib, and RSARef. Found that latest version of Cryptlib is buggy as its in beta. - Decision to use Hungarian Notation. - Read through RFC. --------