Re: Eyeballs needed.

[Jacob Nevins <jacobn+secsh%chiark.greenend.org.uk@localhost>]

A couple more comments:

Bill Sommerfeld writes:
> draft-ietf-secsh-dns-05.txt:
>         ftp://ftp.rfc-editor.org/in-notes/authors/rfc4255-diff.html
>         ftp://ftp.rfc-editor.org/in-notes/authors/rfc4255.txt

The following change appears:

|    [5]  Eastlake, D., "Domain Name System Security Extensions", RFC
|         2535, March 1999.

has been changed to

|    [5]   Berc, L., Fenner, W., Frederick, R., McCanne, S., and P.
|          Stewart, "RTP Payload Format for JPEG-compressed Video", RFC
|          2435, October 1998.

That's utterly wrong, surely? The reference to [5] in the body of the
new text is:

|    The method described here can provide out-of-band verification by
|    looking up a fingerprint of the server public key in the DNS [1][2]
|    and using DNSSEC [5] to verify the lookup.

(RFC2535 may not be the correct reference any more; it looks like it
should be one of RFC4033/4/5 these days.)


> draft-ietf-secsh-auth-kbdinteract-07.txt:
>         ftp://ftp.rfc-editor.org/in-notes/authors/rfc4256-diff.html
>         ftp://ftp.rfc-editor.org/in-notes/authors/rfc4256.txt

I echo Jon Bright's comment about the semantic change to the text
about normalizing passwords. However, I make it section 3.4, not
section 8.

In section 7.1 (Normative References), an extra "2005." has snuck in:

|    [SSH-ARCH]      Ylonen, T. and C. Lonvick, Ed., "The Secure Shell
|                    (SSH) Protocol Architecture", RFC 4251, November
|                    2005.  2005.