Re: SSH_MSG_KEXGSS_HOSTKEY (was: Re: I-D ACTION:draft-weber-secsh-pkalg-none-00.txt)

To: Nicolas Williams <Nicolas.Williams%sun.com@localhost>
Subject: Re: SSH_MSG_KEXGSS_HOSTKEY (was: Re: I-D ACTION:draft-weber-secsh-pkalg-none-00.txt)
From: "Joel N. Weber II" <ietf-secsh%joelweber.com@localhost>
Date: Thu, 17 Jul 2003 15:46:11 -0400

> But, again, we have the problem that any such messages would not be
> factored into the session ID, thus making downgrade attacks possible.

Are we discussing the mechanism for sending host keys after key
exchange?  If so, the answer is that you wait until after the
SSH_MSG_NEWKEYS, since the whole point of that is to provide keys that
will be useful for rekeying and or for host key veriftication in key
exchange in future connections.

As for SSH_MSG_KEXINIT2, I believe I explained how I propose to
prevent downgrade attacks.

Follow-Ups:
- Re: SSH_MSG_KEXGSS_HOSTKEY (was: Re: I-D ACTION:draft-weber-secsh-pkalg-none-00.txt)
  - From: Nicolas Williams

References:
- Re: SSH_MSG_KEXGSS_HOSTKEY (was: Re: I-D ACTION:draft-weber-secsh-pkalg-none-00.txt)
  - From: Nicolas Williams
- Re: SSH_MSG_KEXGSS_HOSTKEY (was: Re: I-D ACTION:draft-weber-secsh-pkalg-none-00.txt)
  - From: Jeffrey Hutzelman
- Re: SSH_MSG_KEXGSS_HOSTKEY (was: Re: I-D ACTION:draft-weber-secsh-pkalg-none-00.txt)
  - From: Nicolas Williams
- Re: SSH_MSG_KEXGSS_HOSTKEY (was: Re: I-D ACTION:draft-weber-secsh-pkalg-none-00.txt)
  - From: Joel N. Weber II
- Re: SSH_MSG_KEXGSS_HOSTKEY (was: Re: I-D ACTION:draft-weber-secsh-pkalg-none-00.txt)
  - From: Nicolas Williams

Prev by Date: Re: SSH_MSG_KEXGSS_HOSTKEY (was: Re: I-D ACTION:draft-weber-secsh-pkalg-none-00.txt)
Next by Date: Re: SSH_MSG_KEXGSS_HOSTKEY (was: Re: I-D ACTION:draft-weber-secsh-pkalg-none-00.txt)
Previous by Thread: Re: SSH_MSG_KEXGSS_HOSTKEY (was: Re: I-D ACTION:draft-weber-secsh-pkalg-none-00.txt)
Next by Thread: Re: SSH_MSG_KEXGSS_HOSTKEY (was: Re: I-D ACTION:draft-weber-secsh-pkalg-none-00.txt)
Indexes:

Home | Main Index | Thread Index | Old Index