Re: [psg.com #460] IESG - Transport - Oakley

[Nicolas Williams <Nicolas.Williams%sun.com@localhost>]

On Tue, Jun 15, 2004 at 08:34:40AM +1000, Damien Miller wrote:
> Nicolas Williams wrote:
> > I don't think it's a practical problem now, no.
> > 
> > But parametrizing the SSHv2 DH kex (diffie-hellman-group<N>-<hash>)
> > shouldn't hold up publication as long as we quickly reach consensus
> > on the meaning of <N> and <hash>.
> 
> Throughout the protocol, all of these fields are names, not parameters.
> Parametising one but not all may give implemntors the idea that they
> have the ability to pick and choose (e.g. cipher key lengths).

They are names, but there's no reason that we can't parametrize names
for the simple DH kex.  I see no reason why we couldn't let implementors
pick and choose as long as there are required ones for interop.

> I think we should specify diffie-hellman-group1-sha1 (MUST),
> diffie-hellman-group14-sha1 (RECOMMENDED or MUST), perhaps recommend
> DH-GEX (ideally *in* the DH-GEX document when it is advanced) and leave
> it at that.

I don't oppose this.

I do prefer that we parametrize the DH kex in addition, but that is not
essential.  Whatever else we do though, let's make sure that the DH
group namespace is consistent going forward; we can use "group14" or
"group2" now, but then after that we should follow the whichever
convention in adding new groups.

And I do prefer "group14" over "group2" because that places the DH group
namespace control in one place.

Cheers,

Nico
--