IETF-SSH archive


Re: I-D ACTION:draft-ietf-secsh-filexfer-08.txt



>> section 3.3 mentions the possibility of using SSH_FXP_EXTENDED to
>> negotiate the uses for packet types 210-255, and refers to the
>> section on the extensions.  But the section on extensions (9.) does
>> not mention a formal way of negotiating usage.  How about [...]
> Hmmm... I didn't specify this because I don't think we know enough
> about how someone might possibly use this.

I think this is the right tack to take.  Until we have some experience
with such extensions, I think it's premature to standardize how to do
them.

>> 9.1.2 [...]
> Done.  Do people think this is superior to the MD5 stuff?

I do, because it subsumes the md5-hash stuff: specify an algorithm-list
containing only md5 and it amounts to much the same thing.  The only
difference I see is the quick-check stuff, and that can be done too at
the cost of another round trip.

However, there is one unclear spot.  It's not clear whether there is
any spec for which algorithms the server supports - the text says that
"[c]urrently supported algorithms are [..list..]", but it's not clear
whether that means all servers MUST support all of them, or those are
the algorithms supported by all known implementations, or those are the
algorithms supported by any known implementations, or those are the
algorithms that may be used without DNS extension syntax but there is
no intent to imply that anyone does/should/must support any of them, or
perhaps even something else.

I can't recall whether anyone caught this before, but in case not: in
9, describing "extended-request", I see "..extensions have use the..",
which needs to have "have" struck.

/~\ The ASCII				der Mouse
\ / Ribbon Campaign
 X  Against HTML	       mouse%rodents.montreal.qc.ca@localhost
/ \ Email!	     7D C8 61 52 5D E7 2D 39  4E F1 31 3E E8 B3 27 4B


