Re: [psg.com #460] IESG - Transport - Oakley

[Nicolas Williams <Nicolas.Williams%sun.com@localhost>]

On Tue, Jun 15, 2004 at 12:41:06PM -0400, Jeffrey Hutzelman wrote:
> <Nicolas.Williams%sun.com@localhost> wrote:
> >Yes, but, I'd like the namespace reservation to be a bit more than just
> >"in our minds" -- though we can't bind subsequent changes to SSHv2 to
> >a group naming policy, we can certainly recommend one in the spec.
> 
> [TRANSPORT]
> 
> 8.1 diffie-hellman-group1-sha1
>   The "diffie-hellman-group1-sha1" method specifies Diffie-Hellman key
>   exchange with SHA-1 as HASH, and Oakley Group 2 [RFC2409] (1024bit
>   MODP Group).  This method MUST be supported for interoperability as all
>   of the known implementations currently support it.  Note that, for
>   historical reasons, this method is named using the phrase "group1"
>   even though it specifies the use of Oakley Group 2.
> 
> 8.2 diffie-hellman-group14-sha1
> 
>   The "diffie-hellman-group14-sha1" method specifies Diffie-Hellman key
>   exchange with SHA-1 as HASH, and Oakley Group 14 [RFC3526] (2048bit
>   MODP Group), and it MUST also be supported.
> 
> 
> [NUMBERS]
> 
> 4.3  Key Exchange Method Names
> 
>   ...
> 
>   Note that, for historical reasons, the name "diffie-hellman-group1-sha1"
>   is used for a key exchange method using Oakley Group 2.  This is
>   considered an aberration and should not be repeated.  Any future
>   specifications of Diffie Hellman key exchange using Oakley groups
>   defined in [RFC2412] or its successors should be named using the
>   group numbers assigned by IANA, and names of the form
>   "diffie-hellman-groupN-sha1" should be reserved for this purpose.

No mention of HASH functions other than SHA-1?  Should there be an IANA
registry for SSHv2 kex names?

Nico
--