IETF-SSH archive
Data transfer during key re-exchange
What happens to "application data" (connection protocol etc) during a
key re-exchange is still not specified by the current transport draft
(transport-18).

This has come up at least three times. The WG decision made by Bill
Sommerfeld[1] was that non-rekey-related traffic should be suspended for
the duration of the rekey, but this was not implemented in the draft.

[1] 19 Oct 2003, thread 'Some questions about "SSH Transport Layer
Encryption Modes"', <200310192351.h9JNpxAx004282%thunk.east.sun.com@localhost>

Therefore, I propose the following change for the transport draft:

In section 9 "Key re-exchange", between the last two paragraphs, insert
the following paragraph:

    Once a party has sent a KEXINIT message for key re-exchange, it MUST
    NOT send any messages other than DISCONNECT, IGNORE, and DEBUG;
    NEWKEYS; and key exchange method specific messages (message numbers
    30 to 49); until it has sent a NEWKEYS message. Note however that
    after sending a KEXINIT message, each party MUST be prepared to
    process an arbitrary number of received messages that may be "in
    flight" before seeing a KEXINIT from the other party.

If anyone has objections, this issue should at least go in the issue
tracker, so it doesn't get lost again.
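As an added example (not from the post or the transport draft), a small Python model of one party's transport layer applying the proposed rule: after its own KEXINIT it lets out only DISCONNECT, IGNORE, DEBUG, NEWKEYS and the method-specific messages 30 to 49, suspends other traffic until it has sent NEWKEYS, and keeps accepting in-flight peer traffic until the peer's KEXINIT is seen. The class and function names are my own; the message numbers are the standard SSH transport assignments.

```python
from collections import deque

# Standard SSH transport message numbers.
SSH_MSG_DISCONNECT, SSH_MSG_IGNORE, SSH_MSG_DEBUG = 1, 2, 4
SSH_MSG_KEXINIT, SSH_MSG_NEWKEYS = 20, 21
KEX_METHOD_MSGS = range(30, 50)    # kex-method-specific (e.g. KEXDH_INIT/REPLY)
SSH_MSG_CHANNEL_DATA = 94          # connection-protocol traffic, used as sample
REKEY_ALLOWED = {SSH_MSG_DISCONNECT, SSH_MSG_IGNORE, SSH_MSG_DEBUG, SSH_MSG_NEWKEYS}


def rekey_legal(msg_type):
    """True if msg_type may be sent between a party's KEXINIT and its NEWKEYS."""
    return msg_type in REKEY_ALLOWED or msg_type in KEX_METHOD_MSGS


class RekeyGate:
    """One party's view: gates its own outbound traffic and checks the peer's."""

    def __init__(self):
        self.rekeying = False        # we sent KEXINIT, have not yet sent NEWKEYS
        self.peer_rekeying = False   # peer's KEXINIT seen, its NEWKEYS not yet
        self.pending = deque()       # application messages suspended by our rekey
        self.wire = []               # message numbers actually emitted, in order

    def send(self, msg_type):
        """Emit msg_type now, or queue it if our rekey bars it. True if emitted."""
        if self.rekeying and not rekey_legal(msg_type):
            self.pending.append(msg_type)
            return False
        self.wire.append(msg_type)
        if msg_type == SSH_MSG_KEXINIT:
            self.rekeying = True
        elif msg_type == SSH_MSG_NEWKEYS and self.rekeying:
            self.rekeying = False
            while self.pending:      # resume suspended traffic under the new keys
                self.wire.append(self.pending.popleft())
        return True

    def receive(self, msg_type):
        """Classify an inbound message. Application data is accepted until the
        peer's KEXINIT arrives (it may have been in flight); after that only the
        rekey set is legal from the peer until its NEWKEYS. A real transport
        would answer 'reject' with a DISCONNECT."""
        if msg_type == SSH_MSG_KEXINIT:
            self.peer_rekeying = True
            return "kexinit"
        if self.peer_rekeying and not rekey_legal(msg_type):
            return "reject"
        if msg_type == SSH_MSG_NEWKEYS and self.peer_rekeying:
            self.peer_rekeying = False
        return "accepted"
```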