IETF-SSH archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
Re: Core draft last call update.
On Thu, Mar 14, 2002 at 09:36:28AM +0100, Markus Friedl wrote:
> I don't see a need to rush and consider CTR only, when CFB/OFB is
> less controversal and already supported by existing implementations.
I was not aware that existing implementations already support CFB/OFB.
Apparently this is the case for OpenSSH, but it's not documented anywhere.
OpenSSH also seems to support ECB mode, which does not make any sense to
me. BTW, OpenSSH appears to use unregistered reserved names for these
ciphers, which violates section 5 of the architecture spec.
The way OpenSSH implements OFB (assuming it's accurately documented by the
draft spec you sent in a later post) is different from how I would have
done it. I would pad each packet to a multiple of 8 instead of the block
size, but never mind.
As I mentioned earlier, in the interest of time I'm willing to compromise
and use OFB instead of CTR if we can get it into the core spec. If we have
to do an additional RFC we might as well go for CTR since that is
technically superior.
Home |
Main Index |
Thread Index |
Old Index