IETF-SSH archive


Re: additional core draft nits in need of WG attention.



On Sat, Nov 15, 2003 at 10:57:58AM -0500, Bill Sommerfeld wrote:
> Note that this is somewhat stronger than the plain-English meaning of
> SHOULD.
> 
> Given the current state of the documents (near approval by the IESG),
> I'm extremely reluctant to make a larger change at this point.

I don't like the idea of changing anything at this point.

The documents have been around for years and if this
issue was important then someone would have
complained before.

(I even think that allowing asymmetric algorithms
leads to better implementations, because they
have to be more careful.)

> We can revisit this issue when we move beyond Proposed Standard.
> 
> (The process for advancement to Draft Standard requires that we
> document that all of the protocol features interoperate.  If nobody
> has actually implemented asymmetric algorithms, we can strike it at
> that point).

OpenSSH might support this.

> P.S., There are certainly a few obscure applications where it makes
> sense to use different algorithms in each direction.  One which comes
> to mind is the case of a remote sensor/space probe/etc., where the
> "uplink" is low data-rate management/control traffic, where strong
> integrity protection is required to prevent the probe from being
> hijacked, and the "downlink" is a higher-volume, lower-value data
> stream, where weak integrity protection may be sufficient.

Well, you could also send the request, rekey with different
algorithms, send the reply, rekey again, ...


