IETF-SSH archive
Re: DISCUSS comments on publickeyfile-09
Done...
Thanks,
Joseph
Russ Housley wrote:
> Joseph:
>
> The replacement introduction looks good, but I have a few editorial
> suggestions below.
>
>> The SSH protocol supports the use of public/private key pairs
>> in order to perform authentication (public-key authentication.)
>
> ... perform authentication based on public-key cryptography.
>
>> However, in order to use public-key authentication in the SSH
>> protocol, public keys must first be exchanged between client
>> and server.
>>
>> This document formally describes an existing public-key file
>> format which can be used with any of the common existing file
>> transfer mechanisms in order to exchange public keys.
>>
>> The SSH protocol also uses public/private key pairs to
>> authenticate the server. In this scenario, it is important
>> to verify that the public key provided by the server is
>> indeed the server's public-key.
>>
>> This document describes a mechanism for creating a short text
>> string that uniquely represents a public-key (fingerprinting)
>
> ... that uniquely represents a particular public key, called
> fingerprinting.
>
>> for use in manually comparing public keys.
>
>
>
> The replacement security considerations text looks good, but I have a
> few editorial suggestions below.
>
>> The public-key fingerprint method presented here relies on
>> the MD5 hash, which is known to have certain weaknesses
>
> ... MD5 one-way hash function, which ...
>
>> regarding its collision-resistance; however, the particular
>> use made of MD5 here depends solely on its 2nd-preimage
>> resistance, not on its collision-resistance.
>>
>> MD5 is used here for historical reasons.
>
> Russ
>
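
The fingerprinting discussed in the quoted draft text, as an added example that is not part of the original message or the draft: it parses a key file in the format the draft was later published with (RFC 4716) and prints the MD5 fingerprint as 16 colon-separated hex octets. The function names are hypothetical and the key bytes are constructed for illustration.

```python
import base64
import hashlib
import struct

BEGIN = "---- BEGIN SSH2 PUBLIC KEY ----"
END = "---- END SSH2 PUBLIC KEY ----"

def ssh_string(data: bytes) -> bytes:
    """Encode a length-prefixed SSH 'string' field."""
    return struct.pack(">I", len(data)) + data

def parse_public_key_file(text: str):
    """Return (headers, key_blob) parsed from a public-key file."""
    lines = [ln.strip() for ln in text.strip().splitlines()]
    if len(lines) < 3 or lines[0] != BEGIN or lines[-1] != END:
        raise ValueError("missing begin/end marker")
    headers, body, i = {}, [], 1
    while i < len(lines) - 1:
        line = lines[i]
        if not body and ":" in line:  # base64 never contains ':'
            # A trailing backslash continues the header on the next line.
            while line.endswith("\\") and i + 1 < len(lines) - 1:
                i += 1
                line = line[:-1] + lines[i]
            tag, _, value = line.partition(":")
            headers[tag.strip().lower()] = value.strip()  # tags are case-insensitive
        else:
            body.append(line)
        i += 1
    return headers, base64.b64decode("".join(body), validate=True)

def md5_fingerprint(blob: bytes) -> str:
    """MD5 over the raw key blob, shown as colon-separated lowercase hex."""
    return ":".join(f"{b:02x}" for b in hashlib.md5(blob).digest())

# Constructed sample: an ssh-ed25519 blob carrying 32 made-up key bytes.
SAMPLE_BLOB = ssh_string(b"ssh-ed25519") + ssh_string(bytes(range(32)))
_b64 = base64.b64encode(SAMPLE_BLOB).decode()
SAMPLE_FILE = "\n".join(
    [BEGIN, 'Comment: "constructed example \\', 'key"']
    + [_b64[i:i + 70] for i in range(0, len(_b64), 70)]
    + [END]
)

if __name__ == "__main__":
    hdrs, key_blob = parse_public_key_file(SAMPLE_FILE)
    print(hdrs.get("comment"), md5_fingerprint(key_blob))
```

The fingerprint covers only the decoded key blob, so headers such as Comment can differ between two copies of the same key without changing the string being compared.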