IETF-SSH archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

Re: SSH in ECC Internet Draft



>>> [...]
>> This makes it sound as though ssh-ecc host keys and ecmqv key
>> exchange are not independent - that it is not possile to use one
>> without the other.  If true, I think this is a bad idea, if only
>> because the negotiation framework does not support this kind of tied
>> negotiation.
> Actually, in this case, we already have that kind of tied
> negotiation.  SSH already supports the notions of signature-capable
> and encryption-capable host keys, and the choice of public-key
> algorithm depends on the selected public-key algorithm.  This
> effectively adds an third key type to that algorithm.

Hmm.  Yes, that's a logically coherent point of view.

I don't like it, though, if only because it takes a special case for
one particular algorithm (or, if you prefer, family of algorithms
currently represented by a single element) and elevates it to being
coëval with generic concepts like signatures and encryption.  It feels
like a level confusion.

If this does stay, I'd prefer to see it spelled out much more
explicitly.

Not that what I think carries any particular authority, mind you....

/~\ The ASCII				der Mouse
\ / Ribbon Campaign
 X  Against HTML	       mouse%rodents.montreal.qc.ca@localhost
/ \ Email!	     7D C8 61 52 5D E7 2D 39  4E F1 31 3E E8 B3 27 4B



Home | Main Index | Thread Index | Old Index