IETF-SSH archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

Re: des-cbc cipher



anakin%pobox.com@localhost (Simon Tatham) writes:

> Looking at ssh.com's SSH-3.0.1, it appears that it supports
> single-DES encryption under the identifier "des-cbc".
> 
> I don't see this listed as an approved name in the latest transport
> draft. Is it an approved name, or has ssh.com unilaterally added it
> and failed to put a domain on the end?

Shall we say, a misfeature. It is not in the transport draft (nor
should it).

DES is supported for marketroid reasons (some people actually really
want to use it, even with advice for the contrary), and it not having a
"@ssh.com" ending is a bug. Which will also be present in 3.1.0,
unfortunately.

This shouldn't have any adverse affect on interoperability, as other
implementations will just ignore it as not supported (or do you
specifically look for algorithms that are not in the spec, and
disconnect in disgust?).

-- 
[sjl%ssh.com@localhost          --  Sami J. Lehtinen  --           sjl%iki.fi@localhost]
[work:+358 20 5007425][gsm:+358 40 864 3001][http://www.iki.fi/~sjl]
[SSH Communications Security Corp               http://www.ssh.com/]



Home | Main Index | Thread Index | Old Index