IETF-SSH archive


Bill Fenner: Re: Last Call: SSH Protocol Architecture to Proposed Standard



More feedback from on high.  My response will follow shortly.

------- Forwarded Message

From: Bill Fenner <fenner%research.att.com@localhost>
Received: (from fenner@localhost)
	by windsor.research.att.com (8.8.8+Sun/8.8.5) id CAA09963;
	Tue, 9 Jul 2002 02:40:45 -0700 (PDT)
Message-Id: <200207090940.CAA09963%windsor.research.att.com@localhost>
MIME-Version: 1.0
Content-Type: text/plain; charset=US-ASCII
To: sommerfeld%east.sun.com@localhost
Subject: Re: Last Call: SSH Protocol Architecture to Proposed Standard
Cc: iana%iana.org@localhost, iesg%ietf.org@localhost, Darren.Moffat%sun.com@localhost
Date: Tue, 9 Jul 2002 02:40:44 -0700
Versions: dmail (solaris) 2.4c/makemail 2.9d
Content-Length: 2227


Bill,

  Section 1 says:

       60 to 79   User authentication method specific (numbers can be
                  reused for different authentication methods)

I think that means that each authentication method needs its own
sub-registry for this range.  For example, what user authentication
method is

   SSH_MSG_USERAUTH_PK_OK                  60     [SSH-USERAUTH]

specific to?

  Similarly with 30-49.  Here's my suggestion, if I'm understanding
these ranges properly:

   Message ID                            Value    Reference
   -----------                           -----    ---------
   SSH_MSG_NEWKEYS                         21     [SSH-TRANS]
   - see key exchange method table      30-49
   SSH_MSG_USERAUTH_REQUEST                50     [SSH-USERAUTH]
   SSH_MSG_USERAUTH_FAILURE                51     [SSH-USERAUTH]
   SSH_MSG_USERAUTH_SUCCESS                52     [SSH-USERAUTH]
   SSH_MSG_USERAUTH_BANNER                 53     [SSH-USERAUTH]
   - see auth type method table         60-79
   SSH_MSG_GLOBAL_REQUEST                  80     [SSH-CONNECT]


1.1 Message Numbers for "diffie-hellman-group1-sha1" Key Exchange

   Message ID                            Value    Reference
   -----------                           -----    ---------
   SSH_MSG_KEXDH_INIT                      30     [SSH-TRANS]
   SSH_MSG_KEXDH_REPLY                     31     [SSH-TRANS]

1.2 Message Numbers for "publickey" Authentication Type

   Message ID                            Value    Reference
   -----------                           -----    ---------
   SSH_MSG_USERAUTH_PK_OK                  60     [SSH-USERAUTH]


That way, in the future a new sub-registry can be created:

  Message Numbers for "frobnitz" Authentication Type

   Message ID                            Value    Reference
   -----------                           -----    ---------
   SSH_MSG_USERAUTH_FROBNITZ_OK            60     [SSH-FROBNITZ]

when a new authentication type comes along that reuses numbers in 
these ranges.  Although it's a little confusing to have the sub-ranges
split out when there are not multiple assignments yet, I think it's
better to handle this now than to try to figure out what to do when
it happens.

  Bill

------- End of Forwarded Message
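
Added example, not part of the original message or of the SSH drafts: a lookup that labels a message number only when the key exchange or authentication method in effect is known, using just the tables quoted above (including the message's own hypothetical "frobnitz" type). The function names and the sample session are constructed for illustration, and the tracker assumes it can read the method name from each SSH_MSG_USERAUTH_REQUEST.

```python
# Fixed assignments from the suggested top-level table in the message above.
# "frobnitz" below is the message's own hypothetical authentication type.
FIXED = {
    21: "SSH_MSG_NEWKEYS",
    50: "SSH_MSG_USERAUTH_REQUEST",
    51: "SSH_MSG_USERAUTH_FAILURE",
    52: "SSH_MSG_USERAUTH_SUCCESS",
    53: "SSH_MSG_USERAUTH_BANNER",
    80: "SSH_MSG_GLOBAL_REQUEST",
}
KEX_SUBREGISTRY = {  # numbers 30-49, one table per key exchange method
    "diffie-hellman-group1-sha1": {30: "SSH_MSG_KEXDH_INIT", 31: "SSH_MSG_KEXDH_REPLY"},
}
AUTH_SUBREGISTRY = {  # numbers 60-79, one table per authentication type
    "publickey": {60: "SSH_MSG_USERAUTH_PK_OK"},
    "frobnitz": {60: "SSH_MSG_USERAUTH_FROBNITZ_OK"},
}

def _scoped(number, registry, method, kind):
    # A reusable number has no meaning until the method in effect is known.
    if method is None:
        return f"AMBIGUOUS({number}): no {kind} in effect"
    name = registry.get(method, {}).get(number)
    return name or f"UNKNOWN({number}) for {kind} {method!r}"

def resolve(number, kex_method=None, auth_method=None):
    """Return the message name for `number` in the given protocol context."""
    if 30 <= number <= 49:
        return _scoped(number, KEX_SUBREGISTRY, kex_method, "key exchange method")
    if 60 <= number <= 79:
        return _scoped(number, AUTH_SUBREGISTRY, auth_method, "authentication method")
    return FIXED.get(number, f"UNKNOWN({number}): not in the excerpted table")

def label_trace(kex_method, packets):
    """packets: (number, auth_method) pairs; auth_method is set only on a
    USERAUTH_REQUEST (50) and stays in effect for later 60-79 messages."""
    auth_method, labels = None, []
    for number, requested in packets:
        if number == 50:
            auth_method = requested
        labels.append(resolve(number, kex_method, auth_method))
    return labels

# Constructed sample session, not a real capture: number 60 appears twice
# and resolves to two different names depending on the preceding request.
SAMPLE = [(30, None), (31, None), (21, None), (50, "publickey"), (60, None),
          (50, "frobnitz"), (60, None), (52, None)]

if __name__ == "__main__":
    for label in label_trace("diffie-hellman-group1-sha1", SAMPLE):
        print(label)
```

A packet decoder or logging tool that keeps a single flat number-to-name table would report both occurrences of 60 in the sample under the same name, which is the ambiguity the per-method sub-registries make explicit.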



