IETF-SSH archive
Re: draft-bjh21-ssh-transport-extension-00
In article <367C1CA6E28DA462F2F0F0AA%sirius.fac.cs.cmu.edu@localhost> you write:
>I think it is probably worth noting that anyone defining a standards-track
>extension requiring a new transport-level message would now have a choice
>as to whether to allocate a new message type number or use a named type.
>This decision would presumably be made on the basis of whether there are
>performance implications which make it a good idea to consume a number.
I've added something like that to the end of the introduction.
>I think the advice you give in the security considerations section is
>misplaced. The question of whether to send a message prior to completion
>of the initial key exchange depends on the semantics of the message in
>question and whether it can live with the lack of integrity protection.
>While it's pretty likely that the number of such messages is small and they
>have all already been defined, there is no guarantee of that. In any
>event, the question is unrelated to the use of named message types; it
>would apply equally to messages using new numbers.
This is true and I've dropped that paragraph. It really belongs in a
"security considerations for extending SSH" document which doesn't exist
yet.
I'll upload -01 tonight.
--
Ben Harris