Re: draft-rsa-dsa-sha2-256 posted

To: denis bider <ietf-ssh3%denisbider.com@localhost>
Subject: Re: draft-rsa-dsa-sha2-256 posted
From: Damien Miller <djm%mindrot.org@localhost>
Date: Tue, 3 Nov 2015 10:05:06 +1100 (AEDT)

Hi,

Thanks for starting this discussion.

I'm against further use of DSA. Its weaknesses are well documented and
IMO we should deprecate it rather than attempting to renovate it.
The bit in your draft about deterministic k is nice, but it's not a
MUST and many developers will just do the expedient thing and use
whatever their crypto library provides.

You might want to specify rsa-sha512 too.

-d

On Mon, 2 Nov 2015, denis bider wrote:

> I have posted the draft at IETF. Info here:
> 
> 
> ----- Original Message -----
> 
> A new version of I-D, draft-rsa-dsa-sha2-256-00.txt
> has been successfully submitted by Denis Bider and posted to the
> IETF repository.
> 
> Name: draft-rsa-dsa-sha2-256
> Revision: 00
> Title: Use of RSA and DSA Keys with SHA-2 256 in Secure Shell (SSH)
> Document date: 2015-11-01
> Group: Individual Submission
> Pages: 6
> URL:           
> https://www.ietf.org/internet-drafts/draft-rsa-dsa-sha2-256-00.txt
> Status:         https://datatracker.ietf.org/doc/draft-rsa-dsa-sha2-256/
> Htmlized:       https://tools.ietf.org/html/draft-rsa-dsa-sha2-256-00
> 
> Abstract:
>   This memo defines algorithm names, public key formats, and signature
>   formats for use of RSA and DSA keys with SHA-2 256 for server and
>   client authentication in SSH connections.
> 
> Please note that it may take a couple of minutes from the time of submission
> until the htmlized version and diff are available at tools.ietf.org.
> 
> The IETF Secretariat
> 
> 
>

References:
- draft-rsa-dsa-sha2-256 posted
  - From: denis bider

Prev by Date: draft-rsa-dsa-sha2-256 posted
Next by Date: Re: SSH key algorithm updates
Previous by Thread: draft-rsa-dsa-sha2-256 posted
Next by Thread: OpenSSH sabotages protocol extension
Indexes:

Home | Main Index | Thread Index | Old Index