IETF-SSH archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
Re: New version: draft-green-secsh-ecc-06
Damien Miller <djm%mindrot.org@localhost> writes:
>I have to say that I really dislike the Base64(MD5(DER(OID))) encoding of
>curve names into the kex method names. Why not just use the SEC names?
Oh, so it wasn't just me :-). My reaction to seeing this was "did someone
lose a bet or something...".
>Actually, why bake the names into the kex names at all? (as opposed to
>sending a curve spec as a parameter).
This is another case where SSH really needs an extension mechanism like TLS.
In TLS the curve parameters and point formats are negotiated via extensions.
Having said that, in practice everyone (well, among TLS implementors) has
settled on a small number of popular curves and that's it (which is quite
convenient, you don't even have to worry about extensions, just go with P256
and everything'll support it). I'd define a few fixed names for the
well-known curves that everyone ends up using (the NIST ones, basically) and
leave the strange stuff to the usual name@vendor-name mechanism, which is
exactly what it was meant for.
Peter.
Home |
Main Index |
Thread Index |
Old Index