IETF-SSH archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
Some questions about "SSH Transport Layer Encryption Modes"
These are more just ideas tossed out to see what thoughts people have on the
topic...
- I can't see any indication of how binding this is (or will be), is it
experimental, informational, or standards-track?
- Section 3 talks about re-keying, but there seems to be some ambiguity in
implementations about how to handle re-keying (specifically, what to do with
data flows in progress when the re-key happens). How viable is the re-
keying approach really?
- From an implementation point of view, how practical is it to require the use
of SDCTR mode? It's not one of the big four (ECB/CBC/CFB/OFB), which makes
it awkward to use with any standard crypto library or crypto hardware
because it has to be manually synthesised from ECB. Conversely, if people
have to implement a nonstandard encryption mode anyway, what about just
going the whole way and using some provable authenticate+encrypt
combination?
Peter.
Home |
Main Index |
Thread Index |
Old Index