--- Begin Message ---
SSH Public Key File Format (Informational)
DISCUSS

The introduction to this document is very lightweight. Please expand
it to provide some context. At a minimum, this needs to say that the
document is about the SSH protocol and the role of public keys. It
is also desirable to cover the trust model, explaining why these
files are very important.

The introduction should be expanded to discuss fingerprints and how
they are used in SSH.

Section 3.4 says:
>
> The body of a public key file consists of the public key blob as
> described in [I-D.ietf-secsh-transport], section 4.6, ...
>
There is no section 4.6 in the referenced document. I assume that
this should be a reference to section 6.6.

The examples in section 3.6 do not seem to match the key blob
description in [I-D.ietf-secsh-transport], section 6.6, which says:
>
> The key type MUST always be explicitly known (from algorithm
> negotiation or some other source). It is not normally included in
> the key blob.
>
But in this context, it is needed. This document should make this
clear with a MUST statement. Note that it is included in each of
the examples. I base64 decoded them and checked.

In section 3.6, please change "me@myhost" to "me%example.com@localhost".

The last paragraph of the security considerations needs to be
expanded to provide a bit of context. MD5 has some known weaknesses,
but they are not a problem in this situation because ...
--- End Message ---
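
The check described in the message (base64-decoding the file body and reading the key type name from the front of the key blob), plus the MD5 fingerprint of that blob, as an added Python example that is not part of the original message or of the draft. It assumes the BEGIN/END markers, the backslash header continuation and the colon-separated fingerprint form of the format as later published in RFC 4716; the function names are hypothetical and the sample key is constructed, not a real key.

```python
import base64
import hashlib
import struct

BEGIN = "---- BEGIN SSH2 PUBLIC KEY ----"
END = "---- END SSH2 PUBLIC KEY ----"

def ssh_string(data: bytes) -> bytes:
    # SSH "string": uint32 big-endian length, then the bytes.
    return struct.pack(">I", len(data)) + data

def read_string(blob: bytes, offset: int = 0) -> bytes:
    # Read one length-prefixed field, rejecting lengths that overrun the blob.
    if offset + 4 > len(blob):
        raise ValueError("truncated length field")
    (length,) = struct.unpack_from(">I", blob, offset)
    if offset + 4 + length > len(blob):
        raise ValueError("field length exceeds blob size")
    return blob[offset + 4:offset + 4 + length]

def parse_key_file(text: str):
    # Returns (headers, key_type, md5_fingerprint) for one key file.
    lines = text.strip().splitlines()
    if len(lines) < 3 or lines[0] != BEGIN or lines[-1] != END:
        raise ValueError("missing BEGIN/END marker")
    headers, body, pending = {}, [], ""
    for line in lines[1:-1]:
        if pending or (":" in line and not body):
            pending += line
            if pending.endswith("\\"):  # header continues on the next line
                pending = pending[:-1]
                continue
            tag, _, value = pending.partition(":")
            headers[tag.strip().lower()] = value.strip()
            pending = ""
        else:
            body.append(line.strip())
    blob = base64.b64decode("".join(body), validate=True)
    key_type = read_string(blob).decode("ascii")  # first field: key type name
    digest = hashlib.md5(blob).hexdigest()
    return headers, key_type, ":".join(digest[i:i + 2] for i in range(0, 32, 2))

def build_sample() -> str:
    # Constructed sample: toy "ssh-rsa" blob (name, e, n), not a real key.
    fields = (b"ssh-rsa", b"\x01\x00\x01", b"\x00" + b"\xc3" * 64)
    blob = b"".join(map(ssh_string, fields))
    b64 = base64.b64encode(blob).decode()
    body = "\n".join(b64[k:k + 70] for k in range(0, len(b64), 70))
    return f'{BEGIN}\nComment: "constructed sample, \\\nsecond line"\n{body}\n{END}\n'
```
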