Re: DISCUSS comments on publickeyfile-09

[Russ Housley <housley%vigilsec.com@localhost>]

Joseph:

The replacement introduction looks good, but I have a few editorial 
suggestions below.

>   The SSH protocol supports the use of public/private key pairs
>   in order to perform authentication (public-key authentication.)

... perform authentication based on public-key cryptography.

>   However, in order to use public-key authentication in the SSH
>   protocol, public keys must first be exchanged between client
>   and server.
>
>   This document formally describes an existing public-key file
>   format which can be used with any of the common existing file
>   transfer mechanisms in order to exchange public keys.
>
>   The SSH protocol also uses public/private key pairs to
>   authenticate the server.  In this scenario, it is important
>   to verify that the public key provided by the server is
>   indeed the server's public-key.
>
>   This document describes a mechanism for creating a short text
>   string that uniquilly represents a public-key (fingerprinting)

... that uniquely represents a particular public key, called fingerprinting.

>   for use in manually comparing public keys.



The replacement security considerations text looks good, but I have a few 
editorial suggestions below.

>   The public-key fingerprint method presented here relies on
>   the MD5 hash, which is known to have certain weaknesses

... MD5 one-way hash function, which ...

>   regarding it's collision-resistance; however, the particular
>   use made of MD5 here depends solely on it's 2nd-preimage
>   resistance, not on it's collision-resistance.
>
>   MD5 is used here for historical reasons.

Russ