IETF-SSH archive
Current WG status.
So, your working group chair wound up being way too busy with his day
job and let things slide a bit much.
During IETF-wide last call for the core documents, there was a comment
from the IANA that they needed more guidance on the initial state of
the SSH-related registries that they will need to maintain (the info
is spread thinly throughout the core drafts and it would be
error-prone for someone not familiar with the protocols to extract
it).
To this end, the new draft:
draft-ietf-secsh-assignednumbers-00.txt
was written and published. Please review it for accuracy.
I have received one private comment so far, which I'll forward in a
separate message.
Other items:
- we need to get cracking on fixing the CBC problem.
See in particular, this message from Tadayoshi Kohno sent a couple
weeks ago:
    From: "Tadayoshi Kohno" <tkohno%cs.ucsd.edu@localhost>
    Reply-To: tkohno%cs.ucsd.edu@localhost
    cc: tkohno%cs.ucsd.edu@localhost
    To: ietf-ssh%netbsd.org@localhost
    Subject: Paper on SSH
    Date: Tue, 18 Jun 2002 18:56:56 -0700

    As Wei Dai recently pointed out, the current SSH protocol is insecure
    (because of problems with the way CBC mode is used).

    In the paper
    http://eprint.iacr.org/2002/078/
    Mihir Bellare, Chanathip Namprempre, and I show how to provably fix
    the SSH protocol. We have placed a summary of our recommendations at
    http://www-cse.ucsd.edu/users/tkohno/papers/SSH/sshadvice.html

    We hope that our provable security results will be of use to the IETF
    SSH Working Group.

There are two recommendations -- in addition to modifying the
encryption mode, they recommend forcing a rekey before reaching 2**32
packets.
I think it's time for a strawman draft with a proposal so we can start
arguing about specifics. Anyone want to volunteer?
- I'll start shipping extension drafts to the IESG once the
assignednumbers draft goes through.
- Bill