data during rekey?

To: ietf-ssh%netbsd.org@localhost
Subject: data during rekey?
From: der Mouse <mouse%Rodents.Montreal.QC.CA@localhost>
Date: Mon, 1 Dec 2003 20:18:36 -0500 (EST)

transport-17 says that

   Implementations MUST NOT accept any other messages after key exchange
   before receiving SSH_MSG_NEWKEYS.

But what about _during_ key exchange?  That is, after KEXINIT but
before the last message of the key exchange?  Must all packets from
KEXINIT through NEWKEYS be transport layer, or is it permissible to
exchange higher-layer packets during that interval?  (Obviously this
can't be done for the first key exchange, but it makes sense when
rekeying.)

Also, when the draft says that an implementation mustn't "accept"
messages, what should it do if any are received?  Silently drop them?
Or is this a protocol error on the part of the host who sent them, to
be treated however the receiver handles protocol errors?

I'll be happy to write the new text for the draft, once I know what it
should say. :-)

/~\ The ASCII				der Mouse
\ / Ribbon Campaign
 X  Against HTML	       mouse%rodents.montreal.qc.ca@localhost
/ \ Email!	     7D C8 61 52 5D E7 2D 39  4E F1 31 3E E8 B3 27 4B

Follow-Ups:
- Re: data during rekey?
  - From: Niels Möller

Prev by Date: Re: Problems with draft
Next by Date: References to SFTP and SCP
Previous by Thread: Another minor note re drafts
Next by Thread: Re: data during rekey?
Indexes:

Home | Main Index | Thread Index | Old Index