IETF-SSH archive


Re: Ben Harris's individual submissions: arcfour-fixes and rsa-kex

In article <1112213215.20951.264.camel@thunk> you write:
>I don't believe either of these is in conflict with existing work in the
>WG; the path of least resistance may be for Ben to submit these as
>individual submissions to the IESG.

I'm happy to do that if there's no interest in turning them into WG drafts. 
I'd kind of like to know whether anyone thinks they're worthwhile at all,

>rsa-kex is a weaker kex (as it allows the client to completely determine
>the session key);

I'm not convinced that this is a problem, since K gets hashed with
server-supplied data at least once before it's used, so unless the client
can break the hash function they can't usefully determine the exchange hash
or session keys.  If someone can explain why there's a problem here, I may
be able to work out a way around it.

Of course, being weaker isn't the point of rsa-kex; using much less CPU time
on the client side is.

Ben Harris
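The argument above, that a client-chosen K is still hashed together with server-supplied data before any key material is derived, can be modelled in a few lines. The following is an added illustration, not code from the thread or from any SSH implementation. It assumes the RFC 4253 shape for the exchange hash and key derivation (H over the version strings, both KEXINIT payloads, the server host key and K; session keys as HASH(K || H || letter || session_id)), uses SHA-256 as a stand-in for whatever hash the kex method names, and simplifies the KEXINIT payload to a message byte, the 16-byte random cookie and a fixed name-list. The server cookie and host key bytes are constructed sample values.

```python
"""Model of SSH key derivation with a client-chosen shared secret K.

Added example (not from the mailing-list thread). Assumptions: RFC 4253
layout for the exchange hash and key derivation, SHA-256 as the hash,
a simplified KEXINIT payload, and constructed sample values throughout.
"""
import hashlib


def mpint(n: int) -> bytes:
    """RFC 4251 mpint: 4-byte length, big-endian magnitude, sign bit clear."""
    if n == 0:
        return b"\x00\x00\x00\x00"
    body = n.to_bytes((n.bit_length() + 8) // 8, "big")  # extra byte keeps sign bit clear
    return len(body).to_bytes(4, "big") + body


def string(b: bytes) -> bytes:
    """RFC 4251 string: 4-byte length prefix followed by the bytes."""
    return len(b).to_bytes(4, "big") + b


def kexinit(cookie: bytes) -> bytes:
    """Simplified KEXINIT payload: SSH_MSG_KEXINIT (20), 16 random cookie bytes, name-lists."""
    assert len(cookie) == 16
    return b"\x14" + cookie + string(b"rsa2048-sha256")  # name-lists reduced to one entry


def exchange_hash(v_c, v_s, i_c, i_s, k_s, k: int) -> bytes:
    """H = HASH(V_C || V_S || I_C || I_S || K_S || K), each field length-prefixed."""
    data = b"".join(string(x) for x in (v_c, v_s, i_c, i_s, k_s)) + mpint(k)
    return hashlib.sha256(data).digest()


def derive_key(k: int, h: bytes, letter: bytes, session_id: bytes) -> bytes:
    """RFC 4253 section 7.2: key = HASH(K || H || letter || session_id)."""
    return hashlib.sha256(mpint(k) + h + letter + session_id).digest()


def session_keys(k: int, server_cookie: bytes, server_hostkey: bytes) -> dict:
    """Run the derivation for one session in which the client picked K.

    The client supplies K and its own KEXINIT; the server supplies its
    version string, its KEXINIT (fresh random cookie) and its host key.
    """
    v_c = b"SSH-2.0-client_model"
    v_s = b"SSH-2.0-server_model"
    i_c = kexinit(bytes(16))          # client cookie held fixed to isolate the server's input
    i_s = kexinit(server_cookie)
    h = exchange_hash(v_c, v_s, i_c, i_s, server_hostkey, k)
    session_id = h                    # first exchange: session_id is H
    return {
        "H": h,
        "iv_c2s": derive_key(k, h, b"A", session_id),
        "key_c2s": derive_key(k, h, b"C", session_id),
        "key_s2c": derive_key(k, h, b"D", session_id),
    }


def server_input_changes_keys(k: int) -> bool:
    """True if the same client-chosen K yields different H and keys once the
    server contributes a different cookie; this is the thread's point that
    fixing K alone does not fix the derived keys."""
    hostkey = b"ssh-rsa constructed-sample-hostkey"
    a = session_keys(k, bytes(range(16)), hostkey)
    b = session_keys(k, bytes(range(16, 32)), hostkey)
    return a["H"] != b["H"] and a["key_c2s"] != b["key_c2s"] and a["key_s2c"] != b["key_s2c"]


if __name__ == "__main__":
    K = int.from_bytes(b"client-chosen-secret", "big")  # constructed sample K
    print("server-supplied data alters the keys:", server_input_changes_keys(K))
```

The model makes the dependency explicit: the client fixes K, but H binds the server's KEXINIT cookie and host key, and every session key is a hash over both K and H, so predicting a key from K alone would require predicting the server's contribution or breaking the hash.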
