Re: [psg.com #460] IESG - Transport - Oakley

[Damien Miller <djm%mindrot.org@localhost>]

Jeffrey Hutzelman wrote:

> I still believe that recommending DH-GEX in the core document is better 
> than doing so only in the DH-GEX document.  People can claim to implement 
> ssh without having ever _read_ the DH-GEX document.

Well, DH-GEX seems to need a little more work than the core docs and it
has not received as much scrutiny. If mentioning a document that will
not likely be published until well after the core docs is deemed
acceptable, then we don't oppose it.

> Other than that, I'm inclined to agree.  We should adopt the groupNN 
> convention informally, but making it a formal parameter seems to invite 
> implementors to interpret other names the same way.
> 
> At this point I don't think we have any disagreement that
> - we should specify diffie-hellman-group14-sha1
> - it should be at least RECOMMENDED (I prefer REQUIRED; who objects?)
> - we should not specify other hashes at this time

Agree.

-d