Re: DISCUSS comments on publickeyfile-09

[Joseph Galbraith <galb-list%vandyke.com@localhost>]

Done...

Thanks,

Joseph

Russ Housley wrote:
> Joseph:
> 
> The replacement introduction looks good, but I have a few editorial
> suggestions below.
> 
>>   The SSH protocol supports the use of public/private key pairs
>>   in order to perform authentication (public-key authentication.)
> 
> ... perform authentication based on public-key cryptography.
> 
>>   However, in order to use public-key authentication in the SSH
>>   protocol, public keys must first be exchanged between client
>>   and server.
>>
>>   This document formally describes an existing public-key file
>>   format which can be used with any of the common existing file
>>   transfer mechanisms in order to exchange public keys.
>>
>>   The SSH protocol also uses public/private key pairs to
>>   authenticate the server.  In this scenario, it is important
>>   to verify that the public key provided by the server is
>>   indeed the server's public-key.
>>
>>   This document describes a mechanism for creating a short text
>>   string that uniquilly represents a public-key (fingerprinting)
> 
> ... that uniquely represents a particular public key, called
> fingerprinting.
> 
>>   for use in manually comparing public keys.
> 
> 
> 
> The replacement security considerations text looks good, but I have a
> few editorial suggestions below.
> 
>>   The public-key fingerprint method presented here relies on
>>   the MD5 hash, which is known to have certain weaknesses
> 
> ... MD5 one-way hash function, which ...
> 
>>   regarding it's collision-resistance; however, the particular
>>   use made of MD5 here depends solely on it's 2nd-preimage
>>   resistance, not on it's collision-resistance.
>>
>>   MD5 is used here for historical reasons.
> 
> Russ
>