Hacker News new | comments | show | ask | jobs | submit login

Well it's more than SSH. The client library needs to to implement the headers and do the date signing. Sure it's easier than TLS, but the libraries suffers more from a lack of dedicated interest than insane complexity I would think.

But I do agree with your basic point that too many people stop at authentication, instead of considering the full range of concerns.

Guidelines | FAQ | Support | API | Security | Lists | Bookmarklet | Legal | Apply to YC | Contact