IETF-SSH archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

Re: applying AES-GCM to secure shell: proposed "tweak"



Peter Gutmann wrote:
Nicolas Williams <Nicolas.Williams%sun.com@localhost> writes:

Er, actually, I'm not sure.  It depends on what implementations do with it
now when it's not set to 0.  Hmmm, what does the spec say to do about that
field?  Sadly: nothing, at least not in section 7.1.

Well if it's RFU then it's implied that you ignore it, which has been the practice for RFU fields since at least the 1970s (in things like status flags registers), and probably even earlier but I wasn't playing with computer hardware back then.

How about a quick straw poll, since we've probably got a good number of
implemeters here.  If your implementation sees a non-zero value in the RFU
field, will it:

  1. Ignore it and continue, since it's RFU.
  2. Run Nethack, and failing that, emacs in Towers-of-Hanoi mode.
  3. Reformat the hard drive.
  4. ???
  5. Profit.
Last time we discussed this (extending the transport layer)
I'm pretty sure we had one implementor claiming that for
'paranoia', they were checking that the value was zero.

Can't remember who though.

Thanks,

Joseph



Home | Main Index | Thread Index | Old Index