Re: [psg.com #460] IESG - Transport - Oakley

[Nicolas Williams <Nicolas.Williams%sun.com@localhost>]

On Mon, Jun 14, 2004 at 09:18:55PM -0400, der Mouse wrote:
> >>> But parametrizing the SSHv2 DH kex (diffie-hellman-group<N>-<hash>)
> >>> shouldn't hold up publication as long as we quickly reach consensus
> >>> on the meaning of <N> and <hash>.
> >> Throughout the protocol, all of these fields are names, not
> >> parameters.  Parametising one but not all may give implemntors the
> >> idea that they have the ability to pick and choose (e.g. cipher key
> >> lengths).
> > They are names, but there's no reason that we can't parametrize names
> > for the simple DH kex.  I see no reason why we couldn't let
> > implementors pick and choose as long as there are required ones for
> > interop.
> 
> By parameterizing, here, are we talking about something like
> 
> 	diffie-hellman-groupN-HASH is a valid method name for any N for
> 	which $REFERENCE defines a group, and any HASH for which
> 	<blah>.

Though I have no fundamental objections to this, it does seem to go too
far.

> or are we talking about
> 
> 	diffie-hellman-groupN-HASH is a method name; the first protocol
> 	packet contains the group number and the hash name ...

No.

> or are we talking about standardizing group14-sha1 and group1-sha1 and,
> in our own minds, reserving the rest of the diffie-hellman-group%d-%s
> namespace for future specification along similar lines?

Yes, but, I'd like the namespace reservation to be a bit more than just
"in our minds" -- though we can't bind subsequent changes to SSHv2 to
a group naming policy, we can certainly recommend one in the spec.

Nico
--