IETF-SSH archive


Re: applying AES-GCM to secure shell: proposed "tweak"



--On Thursday, April 09, 2009 11:17:08 PM -0500 Nicolas Williams <Nicolas.Williams%sun.com@localhost> wrote:

On Thu, Apr 09, 2009 at 11:42:55AM -0400, Jeffrey Hutzelman wrote:
No, I think the right thing is for the SSH_MSG_OPTION message itself to
be permitted at any time, and leave it to the definitions of individual
options to specify when an option may be negotiated and when the results
of that negotiation take effect.

[...]

With regard to the negotiation itself, I think it might be cleaner to
have three separate messages:

Surely you jest.  Why get so complicated when the much simpler
negotiation through alg names will do?  What value is there in this
complication?

- generality
- allowing the feature to be negotiated for any algorithm, not just
 a particular gcm algorithm, without a cross product explosion

-- Jeff



