IETF-SSH archive


Re: I-D ACTION:draft-ietf-secsh-transport-18.txt



Roumen Petrov <openssh%roumenpetrov.info@localhost> writes:

>The "x509v3-sign-rsa" method indicates that the certificates, the public key,
>and the resulting signature are in X.509v3 compatible DER-encoded format. The
>formats used in X.509v3 is described in [RFC-2459]. This method indicates that
>the key (or one of the keys in the certificate) is an RSA-key.

This doesn't actually describe the format - it's about as useful to
implementors as the equivalent reference to PGP sigs (that is, not at all).
These things really should be removed from the spec rather than being left in
an undefined state, or at least marked as reserved for future use.

>To write a new draft for 5 lines as some people suggest (see list archive) is
>a waste of time.

It's going to take a *lot* more than those 5 lines to define everything, and
since no-one seems to be interested in it, reserving it to be defined in a
separate document is a good idea.  If you really want this so badly, you could
always write the RFC yourself :-).

Peter.


