Re: Proposed Meeting Discussion Items for the Core IDs

[Chris Lonvick <clonvick%cisco.com@localhost>]

Hi Niels,

On Sun, 7 Nov 2004, [iso-8859-1] Niels Möller wrote:

> Chris Lonvick <clonvick%cisco.com@localhost> writes:
>
> > Hopefully we can close a bunch of these and open
> > discussion for the rest.
> >
> >   http://www.employees.org/~lonvick/secsh-wg/ietf61/secshwg.pdf
>
> Some of the issues have already been discussed at some length on the
> list.

Super!  I'd prefer to track them down in the archives rather than re-hash
things.  They must have been discussed before I took over as editor.
Does anyone have any pointers to these discussions and resolutions?  If
not, I'll start digging through the archive but I won't be able to get to
it for a few weeks.

Thanks,
Chris

>
> Ticket 454: triple-des have too few key bits. I think we had consensus
> to "grandfather" triple-des, however that's going to be expressed in
> the spec. I.e. just note that triple-des doesn't quite satisfy the
> requirements, and allow this exception for historical reasons and
> backwards compatibility. I don't think it's a good idea to lower the
> general recommendation on key length from 128 to 96 bits.
>
> Ticket 461: "implicit server authentication". This has been discussed
> on the list, we may even have had some proposed text.
>
> Ticket 462: discouraging use of different algorithm for the two
> directions. This has been discussed at length, I argued that it should
> be allowed and up to local configuration, I don't remember who else
> agreed with that.
>
> I won't be at the meeting, but I think these three issues have been
> discussed thoroughly enough on the list already, so I hope you can get
> something more concrete out of the RL meeting than sending the issues
> back to the mailinglist for another round.
>
> Best regards,
> /Niels
>