IETF-SSH archive
Re: [Fwd: [Russ Housley] DISCUSS: draft-ietf-secsh-newmodes-05]
>>>>> "Jeffrey" == Jeffrey Hutzelman <jhutz%cmu.edu@localhost> writes:
Jeffrey> On Monday, August 29, 2005 07:07:01 PM +0100 Ben Harris
Jeffrey> <bjh21%bjh21.me.uk@localhost> wrote:
>> In article <1125337411.453.8.camel@thunk> you write:
>>> Some review comments from Russ Housley.
>> ...
>>>> DISCUSS
>>>>
>>>> All of the encryption modes described in this document are
>>>> RECOMMENDED or OPTIONAL. Why isn't one of them REQUIRED?
>> ...
>>> As a strawman resolution to the DISCUSS comment, how about
>>> making aes128-ctr REQUIRED? (this new requirement has no
>>> effect on implementations which don't claim to implement
>>> newmodes).
>> I'd prefer to make 3des-ctr the REQUIRED algorithm, since all
>> SSH implementations are required to have 3DES code around
>> anyway to support 3des-cbc, so anyone implementing newmodes can
>> put in 3des-ctr support trivially, whereas aes128-ctr might be
>> a lot more effort or even impossible (imagine a small
>> implementation without room for both 3DES and AES).
>>
>> This does raise the question of how to arrange a transition to
>> AES (or whatever) in the longer term, but I don't think it
>> should be done on the back of newmodes.
Jeffrey> Russ's comment notwithstanding, I don't think we actually
Jeffrey> need any of the modes described in newmodes to be
Jeffrey> REQUIRED. It's one thing to say "if you support ssh then
Jeffrey> you MUST support 3des-cbc". It's quite another to say
Jeffrey> "if you support 3des-ctr then you MUST also support
Jeffrey> aes128-ctr" or vice versa. The former insures that ssh
Jeffrey> implementations will be interoperable; the latter does
Jeffrey> not appear to me to add any value.
I tend to agree with Jeff. Note that Russ asked a question; he did
not yet ask for a change. I think someone should answer his question.
--Sam