section 3.3 mentions the possibility of using SSH_FXP_EXTENDED to
negotiate the uses for packet types 210-255, and refers to the
section on the extensions. But the section on extensions (9.) does
not mention a formal way of negotiating usage. How about [...]
Hmmm... I didn't specify this because I don't think we know enough
about how somone might possible use this.
I think this is the right tack to take. Until we have some experience
with such extensions, I think it's premature to standardize how to do
them.
9.1.2 [...]
Done. Do people think this is superior to the MD5 stuff?
I do, because it subsumes the md5-hash stuff: specify an algorithm-list
containing only md5 and it amounts to much the same thing. The only
difference I see is the quick-check stuff, and that can be done too at
the cost of another round trip.
However, there is one unclear spot. It's not clear whether there is
any spec for which algorithms the server supports - the text says that
"[c]urrently supported algorithms are [..list..]", but it's not clear
I can't recall whether anyone caught this before, but in case not: in
9, describing "extended-request", I see "..extensions have use the..",
which needs to have "have" struck.