Re: applying AES-GCM to secure shell: proposed "tweak"

To: Nicolas Williams <Nicolas.Williams%sun.com@localhost>
Subject: Re: applying AES-GCM to secure shell: proposed "tweak"
From: Damien Miller <djm%mindrot.org@localhost>
Date: Thu, 16 Apr 2009 07:36:14 +1000 (EST)

On Wed, 15 Apr 2009, Nicolas Williams wrote:

>  - Retriable initial kex, for example (this is so that GSS-API auth
>    failure need not lead to the connection being closed).  For this I'd
>    use the reserved unsigned 32-bit int in the KEXINIT as a flags field
>    -- if both the client and the server have the flag set for re-triable
>    kex then GSS-API failure should not lead to connection closure.

That is a good idea IMO.

-d

References:
- applying AES-GCM to secure shell: proposed "tweak"
  - From: Tim Polk
- Re: applying AES-GCM to secure shell: proposed "tweak"
  - From: Niels Möller
- Re: applying AES-GCM to secure shell: proposed "tweak"
  - From: der Mouse
- Re: applying AES-GCM to secure shell: proposed "tweak"
  - From: Niels Möller
- Re: applying AES-GCM to secure shell: proposed "tweak"
  - From: der Mouse
- Re: applying AES-GCM to secure shell: proposed "tweak"
  - From: Niels Möller
- Re: applying AES-GCM to secure shell: proposed "tweak"
  - From: Nicolas Williams

Prev by Date: Re: applying AES-GCM to secure shell: proposed "tweak"
Next by Date: Re: applying AES-GCM to secure shell: proposed "tweak"
Previous by Thread: Re: applying AES-GCM to secure shell: proposed "tweak"
Next by Thread: Re: applying AES-GCM to secure shell: proposed "tweak"
Indexes:

Home | Main Index | Thread Index | Old Index