Re: DH group exchange (Re: SSH key algorithm updates)

To: "Mark D. Baushke" <mdb%juniper.net@localhost>
Subject: Re: DH group exchange (Re: SSH key algorithm updates)
From: nisse%lysator.liu.se@localhost (Niels Möller)
Date: Mon, 09 Nov 2015 19:26:17 +0100

"Mark D. Baushke" <mdb%juniper.net@localhost> writes:

> I would therefore really like to see it possible to express all of the
> MODP groups via this new extension if possible.

I still think it is inappropriate to use group-exchange for groups that
are going to be widely used. Widely used groups should be subject to
negotiation. Group-exchange should be used only for ephemeral groups
which each server discard before they get "widely used".

Regards,
/Niels

-- 
Niels Möller. PGP-encrypted email is preferred. Keyid C0B98E26.
Internet email is subject to wholesale government surveillance.

References:
- RE: DH group exchange (Re: SSH key algorithm updates)
  - From: Peter Gutmann
- Re: DH group exchange (Re: SSH key algorithm updates)
  - From: denis bider
- RE: DH group exchange (Re: SSH key algorithm updates)
  - From: Peter Gutmann
- Re: DH group exchange (Re: SSH key algorithm updates)
  - From: Mark D. Baushke

Prev by Date: Re: DH group exchange (Re: SSH key algorithm updates)
Next by Date: Re: Updated RSA SHA-2 draft / New draft: SSH Extension Negotiation
Previous by Thread: RE: DH group exchange (Re: SSH key algorithm updates)
Next by Thread: Re: DH group exchange (Re: SSH key algorithm updates)
Indexes:

Home | Main Index | Thread Index | Old Index