Other comments on draft-ietf-secsh-publickey-subsystem

[Nicolas Williams <Nicolas.Williams%sun.com@localhost>]

On Sun, Aug 27, 2006 at 11:20:29PM -0400, Sam Hartman wrote:

 - I18N, L10N:

> 5) Please use RFC 3066 for language tags.

   And the proper reference for UTF-8 is not RFC2279 either but
   RFC3629/STD0063.

   Also, since SSHv2 itself performs language negotiation, and since
   Unicode provides codepoints for indicating the language of a
   string/sub-string, why does this protocol need a slot for RFC3066
   language tags at all?

   I think you should just remove/deprecate the language tag field and
   rely on the language negotiation performed by SSHv2.


 - I'd rather the "mandatory" attribute of attributes be named
   "critical"...


 - Are attributes like "x11" and so on booleans?  Or does their
   presence/absence act as a boolean?  And if so, what kind of values do
   they take on?


 - Clients need to know what kind of environment "command-override"
   values will be evaluated in.  Should there be a request by which a
   client can ask for a description of said environment, and a status
   reply by which a server can list attributes of the environment like
   the OS it runs, OS release, values of certain environment variables,
   etc...  I would think so, something like:

      string "status"
      uint32 SSH_PUBLICKEY_ENVIRONMENT
      uint32 env_count
        string envvar_name
        string envvar_value

   along with some pre-defined environment variable names, like OS,
   OSREL, ARCH, PATH etc...


 - How should the command-override and subsystem attributes interact?


 - How much of the execution environment of command-overrides be
   specified here?


 - An attribute is needed to set environment variables for the
   environment where the command/shell/subsystem is executed.

Cheers,

Nico
--