IETF-SSH archive


Re: SSH_MSG_KEXGSS_HOSTKEY (was: Re: I-D ACTION:draft-weber-secsh-pkalg-none-00.txt)



On Thu, Jul 17, 2003 at 12:44:26PM -0400, Joel N. Weber II wrote:
> > How about a global request that a client send (after kex) to the server
> > to list the server's public host keys?
> 
> Regardless of what GSSAPI ends up doing, something like that is
> probably a good idea for OpenPGP: it would be nice to have a way to
> get revocation certificates from the server after you have connected
> to the correct server, in case there are old host keys that have been
> stolen, and I don't think putting multiple toplevel keys in the key
> sent during keyex is the right solution.  I'm willing to write a draft
> about messages to do this, though if jhutz wants to, I'd be happy to
> defer to him.
> 
> (Indeed, the draft on using pgp-sign-* with secsh that I've written
> and intend to submit as soon as drafts are being accepted again talks
> about the usefulness of such a mechanism, without proposing one.)
> 
> A similar revocation mechanism for X.509 may also be a good idea.

I think I'd call this "implicit revocation."  The server tells the
clients what all its public keys (and certs) are after authenticating
itself to the clients and the clients update their database of known
server host keys, adding new ones and removing old ones.

I think doing this as a global request rather than as a new host key
pseudo-alg is the way to go.  The only problem being that global
requests are a feature of the "ssh-connection" service, so new services
would have to duplicate this functionality.

Cheers,

Nico
-- 
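As an added illustration of the "implicit revocation" update described in the message (not code from the thread or from any SSH implementation), the function below applies a server-announced host-key list to OpenSSH-style known_hosts lines. It assumes a hypothetical post-kex request that returns the server's current keys, and it only trusts that list when the key the server just authenticated with was already known and is itself on the list.

```python
# Added example: implicit host-key revocation against known_hosts lines.
# Assumes a hypothetical list-host-keys global request (not a real SSH
# message) has returned the server's current keys after key exchange.
# Handles plain "<host> <key-type> <base64>" lines only; hashed hosts,
# @marker lines and comma-separated aliases are out of scope here.

# Constructed sample database; the base64 blobs are placeholders.
KNOWN_HOSTS = [
    "# constructed sample known_hosts",
    "alpha.example ssh-rsa AAAAB3OLD",
    "alpha.example ssh-ed25519 AAAAC3CUR",
    "beta.example ssh-ed25519 AAAAC3BETA",
]


def _parse(line):
    """Return (host, key_type, blob) or None for comments/blank lines."""
    if line.lstrip().startswith("#"):
        return None
    parts = line.split()
    return tuple(parts[:3]) if len(parts) >= 3 else None


def apply_implicit_revocation(lines, host, session_key, announced):
    """Update known_hosts `lines` for `host` from the server's key list.

    session_key: (type, blob) the server proved possession of during kex.
    announced:   iterable of (type, blob) the server lists as current.
    Returns the new list of lines; the input is left unchanged.
    """
    announced = set(announced)
    known_for_host = {(t, b) for e in map(_parse, lines) if e
                      for h, t, b in [e] if h == host}
    # The list is only as trustworthy as the channel it arrived on: refuse
    # it unless the authenticating key was already trusted for this host
    # and the server still lists that key as current.
    if session_key not in known_for_host or session_key not in announced:
        return list(lines)
    kept = []
    for line in lines:
        e = _parse(line)
        if e and e[0] == host and (e[1], e[2]) not in announced:
            continue  # implicit revocation: drop keys no longer listed
        kept.append(line)
    for ktype, blob in sorted(announced - known_for_host):
        kept.append(f"{host} {ktype} {blob}")  # add newly announced keys
    return kept
```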