Re: SSH in ECC Internet Draft

To: ietf-ssh%NetBSD.org@localhost
Subject: Re: SSH in ECC Internet Draft
From: der Mouse <mouse%Rodents.Montreal.QC.CA@localhost>
Date: Sun, 8 Oct 2006 22:30:18 -0400 (EDT)

>>> [...]
>> This makes it sound as though ssh-ecc host keys and ecmqv key
>> exchange are not independent - that it is not possile to use one
>> without the other.  If true, I think this is a bad idea, if only
>> because the negotiation framework does not support this kind of tied
>> negotiation.
> Actually, in this case, we already have that kind of tied
> negotiation.  SSH already supports the notions of signature-capable
> and encryption-capable host keys, and the choice of public-key
> algorithm depends on the selected public-key algorithm.  This
> effectively adds an third key type to that algorithm.

Hmm.  Yes, that's a logically coherent point of view.

I don't like it, though, if only because it takes a special case for
one particular algorithm (or, if you prefer, family of algorithms
currently represented by a single element) and elevates it to being
coëval with generic concepts like signatures and encryption.  It feels
like a level confusion.

If this does stay, I'd prefer to see it spelled out much more
explicitly.

Not that what I think carries any particular authority, mind you....

/~\ The ASCII				der Mouse
\ / Ribbon Campaign
 X  Against HTML	       mouse%rodents.montreal.qc.ca@localhost
/ \ Email!	     7D C8 61 52 5D E7 2D 39  4E F1 31 3E E8 B3 27 4B

References:
- SSH in ECC Internet Draft
  - From: Jon Green
- Re: SSH in ECC Internet Draft
  - From: der Mouse
- Re: SSH in ECC Internet Draft
  - From: Ben Harris

Prev by Date: Re: SSH in ECC Internet Draft
Next by Date: Re: SSH in ECC Internet Draft
Previous by Thread: Re: SSH in ECC Internet Draft
Next by Thread: Re: SSH in ECC Internet Draft
Indexes:

Home | Main Index | Thread Index | Old Index