Re: Your DISCUSS on draft-ietf-secsh-newmodes-05

[der Mouse <mouse%Rodents.Montreal.QC.CA@localhost>]

> My opinion is that AES-CBC and AES-CTR ought to be REQUIRED.  I think
> that the people objecting that it might be too hard to add support
> for additional cipher should be, if they're speaking of their own
> implementations, ashamed of themselves --

Consider something like an implementation on a 68HC11 (an 8-bit
embedded controller I once had some brushes with), where doing ssh at
all, even with just DES, is a tight squeeze, and shoehorning in
Rijndael too is simply impossible.

> or if they're speaking of some hypothetical "other" implementation,
> brought back in touch with reality: adding support for another common
> cipher is just not difficult,

You are thinking of a rather restricted subclass of ssh implementations
when you consider that "reality": probably, implementations on "large"
hardware (32-bit CPUs, multiple megabytes of memory).  Speaking
strictly of such implementations, I agree with you - but I do not
believe they are all there is.

/~\ The ASCII				der Mouse
\ / Ribbon Campaign
 X  Against HTML	       mouse%rodents.montreal.qc.ca@localhost
/ \ Email!	     7D C8 61 52 5D E7 2D 39  4E F1 31 3E E8 B3 27 4B