Re: applying AES-GCM to secure shell: proposed "tweak"

To: der Mouse <mouse%Rodents-Montreal.ORG@localhost>
Subject: Re: applying AES-GCM to secure shell: proposed "tweak"
From: Nicolas Williams <Nicolas.Williams%sun.com@localhost>
Date: Thu, 9 Apr 2009 23:31:05 -0500

On Thu, Apr 09, 2009 at 08:47:08PM -0400, der Mouse wrote:
> > How about a quick straw poll, since we've probably got a good number
> > of implemeters here.  If your implementation sees a non-zero value in
> > the RFU field, will it:
> 
> Ignore it.  (I've been considering warning and disconnecting as other
> possible reactions, but haven't seen any compelling reason to prefer
> one over another.  Perhaps it's time for another configuration
> parameter - a little difficult to test, though.)

Given that key exchange is not retriable I think the best thing to do is
to ignore this field and always place a zero there until we define its
meaning.  That will allow us to use it to negotiate new features when
both the client and server advertise them (non-zero values).

Follow-Ups:
- Re: applying AES-GCM to secure shell: proposed "tweak"
  - From: der Mouse

References:
- Re: applying AES-GCM to secure shell: proposed "tweak"
  - From: Peter Gutmann
- Re: applying AES-GCM to secure shell: proposed "tweak"
  - From: Joseph Galbraith
- Re: applying AES-GCM to secure shell: proposed "tweak"
  - From: der Mouse

Prev by Date: Re: applying AES-GCM to secure shell: proposed "tweak"
Next by Date: Re: applying AES-GCM to secure shell: proposed "tweak"
Previous by Thread: Re: applying AES-GCM to secure shell: proposed "tweak"
Next by Thread: Re: applying AES-GCM to secure shell: proposed "tweak"
Indexes:

Home | Main Index | Thread Index | Old Index