> Is this a part of the extend/extinguish mindset so common at microsoft?
This could be interpreted a few ways, of which Embrace-Extend-Extinguish is one. But I think EEE is unlikely, because it wouldn't succeed, and MS is not stupid in that regard. OpenSSL is used practically everywhere else; the rest of the world isn't going to drop OpenSSL just because Microsoft starts supporting SSH with their own libraries.
Possibility two is that MS looked at the recent history of vulnerabilities in OpenSSL that caused considerable headaches around the internet, and decided they didn't want their enterprise customers to suffer from that same problem in Windows -- it would be a black eye to the new SSH support even though strictly speaking unrelated. Using their own crypto gives them control over how new vulns are handled.
Third (put on your tinfoil hat for this one), if MS has developed crypto in cooperation with the NSA or other agencies that gives them a backdoor, then they have to use that crypto in something like SSH support.
I'll let you decide what you find the most probable.
I figure the third scenerio is most likely, given how horrible microsoft has historically been with security in general and crypto specifically. Overall, I welcome microsoft entry into the 21st century. Perhaps they’ll catch up eventually.
I’m hoping we’ll finally be able to use scp and rsync on microsoft boxes. Rsync rocks.