Minor references problems in transport-22

To: ietf-ssh%netbsd.org@localhost
Subject: Minor references problems in transport-22
From: Ben Harris <bjh21%bjh21.me.uk@localhost>
Date: Thu, 6 Jan 2005 23:34:27 +0000 (GMT)

While working on draft-harris-ssh-rsa-kex, I found a few problems in thecore drafts. Here are the ones from draft-ietf-secsh-transport-22.txt:


It states, regarding ssh-rsa keys:

   Signing and verifying using this key format is done according to
   [SCHNEIER] and [RFC3447] using the SHA-1 hash.

I haven't got a copy of Schneier here, but I do know that RFC 3447specifies two RSA signature schemes, RSASSA-PSS and RSASSA-PKCS1-v1_5.The latter seems to be the scheme that SSH uses, and it should probably bespecified explicitly:


   Signing and verifying using this key format is done according to
   [SCHNEIER] and [RFC3447] using the RSASSA-PKCS1-v1_5 scheme and
   the SHA-1 hash.

On the subject of SHA-1, transport-22 only refers to [SCHNEIER] for itsdefinition, and then only in the context of HMAC. It might be better toreference the NIST document that defines it:


   [FIPS-180-2]
              National Institute of Standards and Technology (NIST),
              "Secure Hash Standard (SHS)", FIPS PUB 180-2, August 2002.

Similarly, for MD5 a reference to RFC 1312 might be appropriate.

--
Ben Harris

Prev by Date: RSA-based key exchange
Next by Date: KEX-specific and USERAUTH-specific message numbers
Previous by Thread: RSA-based key exchange
Next by Thread: KEX-specific and USERAUTH-specific message numbers
Indexes:

Home | Main Index | Thread Index | Old Index