IETF-SSH archive


Current WG status.



So, your working group chair wound up being way too busy with his day
job and let things slide a bit much.

During IETF-wide last call for the core documents, there was a comment
from the IANA that they needed more guidance on the initial state of
the SSH-related registries that they will need to maintain (the info
is spread thinly throughout the core drafts and it would be
error-prone for someone not familiar with the protocols to extract
it).

To this end, the new draft:

	draft-ietf-secsh-assignednumbers-00.txt 

was written and published.  Please review it for accuracy.

I have received one private comment so far, which I'll forward in a
separate message.  

Other items:

 - we need to get cracking on fixing the CBC problem.

See in particular, this message from Tadayoshi Kohno sent a couple
weeks ago:

    From: "Tadayoshi Kohno" <tkohno%cs.ucsd.edu@localhost>
    Reply-To: tkohno%cs.ucsd.edu@localhost
    cc: tkohno%cs.ucsd.edu@localhost
    To: ietf-ssh%netbsd.org@localhost
    Subject: Paper on SSH
    Date: Tue, 18 Jun 2002 18:56:56 -0700


    As Wei Dai recently pointed out, the current SSH protocol is insecure
    (because of problems with the way CBC mode is used).

    In the paper
	    http://eprint.iacr.org/2002/078/
    Mihir Bellare, Chanathip Namprempre, and I show how to provably fix
    the SSH protocol.  We have placed a summary of our recommendations at
	    http://www-cse.ucsd.edu/users/tkohno/papers/SSH/sshadvice.html

    We hope that our provable security results will be of use to the IETF
    SSH Working Group.

There are two recommendations -- in addition to modifying the
encryption mode, they recommend forcing a rekey before reaching 2**32
packets.

I think it's time for a strawman draft with a proposal so we can start
arguing about specifics.  Anyone want to volunteer?

 - I'll start shipping extension drafts to the IESG once the
assignednumbers draft goes through.

						- Bill


