IETF-SSH archive
Re: des-cbc cipher
RJ Atkinson <rja%inet.org@localhost> writes:
> At 17:50 28/11/01, Bill Sommerfeld wrote:
> > - there should be no mention of a des-cbc algorithm in the spec.
>
> I haven't seen this thread in some while. I really disagree with the
> first conclusion. DES-CBC is widely deployed with SSHv2 right now,
> so it ought to be mentioned.

As far as I understand, the fact that SSH Inc's implementation uses the
name "des-cbc", rather than "des-cbc@ssh.com", is an accidental bug
that'll be fixed in their next release.

Even if I don't think it's totally outrageous to document "des-cbc" in
the spec, as long as its use is discouraged, there are a lot of other
bugs in various versions of ssh implementations, including SSH Inc's,
that do a lot more damage to interoperation than this one. I don't
see why it is necessary or desirable to change the spec to match this
particular bug.

If you (or anybody else) really need des-cbc, write up a document
that defines "des-cbc@ssh.com" or "des-cbc@inet.org", and if you like,
add a paragraph on bug compatibility that mentions that some existing
implementations use the name "des-cbc" for the same thing.

Would that solve the problem? To me, des-cbc seems like a specialized
algorithm, useful only under very specialized circumstances (like if
you're trying to export boxes from certain countries, or have
customers that for some peculiar reason *insist* on using plain des),
and therefore it makes sense to specify it independently from the core
drafts.

[ Furthermore, I'd expect that in any real SSH communication where
des-cbc is used, at least one of the end-points doesn't support
3des-cbc, and is thus not complying with the spec. That makes the
issue look even more like a question of bug-compatibility. ]

/Niels
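
The naming point in the message above, as an added example that is not part of the thread or of any SSH implementation: cipher negotiation compares names as opaque strings, so a bare "des-cbc" and a domain-qualified "des-cbc@ssh.com" only match if a bug-compatibility mapping is applied. The alias table, the peer lists, and the function names are assumptions made for illustration.

```python
# Added example: SSH cipher negotiation treats algorithm names as opaque strings.
REQUIRED = "3des-cbc"                      # cipher the message says the spec requires
SINGLE_DES = {"des-cbc", "des-cbc@ssh.com"}
# Hypothetical bug-compatibility table: bare name -> domain-qualified name.
ALIASES = {"des-cbc": "des-cbc@ssh.com"}


def canonical(name, bug_compat):
    """Map a bare legacy name to its qualified form when bug compat is on."""
    return ALIASES.get(name, name) if bug_compat else name


def negotiate(client, server, bug_compat=False):
    """Return the first client cipher the server also lists, else None."""
    offered = {canonical(n, bug_compat) for n in server}
    for name in client:
        if canonical(name, bug_compat) in offered:
            return canonical(name, bug_compat)
    return None


def audit(client, server, bug_compat=False):
    """Negotiate, then report findings a reviewer would want to see."""
    chosen = negotiate(client, server, bug_compat)
    findings = []
    for side, names in (("client", client), ("server", server)):
        if REQUIRED not in names:
            findings.append(f"{side} does not offer {REQUIRED}")
    if chosen in SINGLE_DES:
        findings.append(f"single DES negotiated ({chosen})")
    if chosen is None:
        findings.append("no common cipher")
    return chosen, findings


if __name__ == "__main__":
    # Constructed peer lists: a current client and a legacy DES-only server.
    client = ["aes128-cbc", "3des-cbc", "des-cbc@ssh.com"]
    legacy_server = ["des-cbc"]
    for compat in (False, True):
        print(compat, audit(client, legacy_server, bug_compat=compat))
```

In the constructed case the only way single DES gets negotiated is against a peer that omits 3des-cbc, which is the situation the bracketed remark in the message describes.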