IETF-SSH archive


Re: Nits in current drafts



In article <E1D3YL4-0001C5-00%medusa01.cs.auckland.ac.nz@localhost> you write:
>Ben Harris <bjh21%bjh21.me.uk@localhost> writes:
>
>>I think this is a bad idea for the following reasons:
>
>None of those seem valid.  At the moment, the only signature mechanism is
>ssh-xyz (the others are all ambiguous, so in effect they're xyz@vendorname.com
>mechanisms).  Therefore if a weakness is found in the hash or signature
>algorithm, all implementations will need to be fixed anyway.

That, along with Niels Moller's reply, suggests that your interpretation of
the meaning of your suggested amendment differs from mine.  Could you thus
clarify:

Does your proposed amendment allow an ssh-rsa signature to use any scheme
other than RSASSA-PKCS1-v1_5/SHA-1?

Does your proposed amendment apply to any key format other than those
defined by [SSH-TRANS] (currently ssh-rsa and pgp-sign-rsa)?

If your answers to those questions are other than "no" and "yes"
respectively, my objections are void (though I think your proposal needs to
be clearer).

-- 
Ben Harris


