IETF-SSH archive
Re: applying AES-GCM to secure shell: proposed "tweak"
On Fri, Apr 10, 2009 at 01:57:37AM -0400, der Mouse wrote:
> > BTW, I would love to use the reserved field of KEXINIT to negotiate
> > retriable key exchange (a big deal for gss keyex).
>
> Why? Why not just have the gss kex define its kex-method-specific
> messages so as to permit multiple back-and-forths, retrying as much as
> necessary to find something suitable?

Because we didn't do that to begin with. We should have. We didn't.

> Actually, perhaps the best way to answer that would be to sketch the
> semantics for the retryable-kex bit you'd like to define; then I could
> probably see what the issue is (or suggest a way that doesn't break
> interoperability that badly, using existing facilities).

Simple: if key-ex fails, then the client can re-send KEXINIT, the server
then responds with its KEXINIT, and the process starts all over.

Nico