IETF-SSH archive
Re: [psg.com #460] IESG - Transport - Oakley - new proposal
On Monday, June 21, 2004 13:41:26 -0700 Chris Lonvick <clonvick%cisco.com@localhost> wrote:

> (1)
> [TRANSPORT] - revise section 6.5
> Two REQUIRED key exchange method has been defined:

"have"
Otherwise OK.

> (2)
> [TRANSPORT] - revise section 8.1

OK.

> (3)
> [TRANSPORT] - add section 8.2

OK.

> (4)
> [NUMBERS] - Add a line in the current Section 4.3

OK.

> (5)
> [ARCHITECTURE] modify 9.2.7 (Security Considerations for TRANS)
> Section 9.2.7 discusses Forward Secrecy and PFS, and it specifically
> names diffie-hellman-group1-sha1. I'd like to reference both defined
> key exchange methods in this section.
>
> Current extract from 9.2.7
>    SSH sessions resulting from a key exchange using
>    diffie-hellman-group1-sha1 are secure even if private keying/
>    authentication material is later revealed, but not if the session
>    keys are revealed. So, given this definition of PFS, SSH does have
>    PFS.
> Change to:
>    SSH sessions resulting from a key exchange using
>    diffie-hellman-group1-sha1 and diffie-hellman-group14-sha1
>    are secure even if private keying/
>    authentication material is later revealed, but not if the session
>    keys are revealed. So, given this definition of PFS, SSH does have
>    PFS.

I guess this is OK, but I would still rather refer to TRANS section 8 in
general, rather than to only the specific methods we happen to define.

   SSH sessions resulting from a key exchange using the diffie-hellman
   method described in [TRANS] Section 8 (including
   diffie-hellman-group1-sha1 and diffie-hellman-group14-sha1) are
   secure even if private keying/authentication material is later
   revealed, but not if the session keys are revealed. So, given this
   definition of PFS, SSH does have PFS.

> (6)
> [ARCHITECTURE] new section 9.2.8 (Security Considerations for TRANS)
> A new section 9.2.8 will be needed to discuss the ordering of key
> exchange method proposals.

I guess that text looks OK to me. I've sort of become indifferent on this;
I won't object strongly if people don't want to add this sort of text.

-- Jeff