Re: Updated RSA SHA-2 draft / New draft: SSH Extension Negotiation

To: denis bider <ietf-ssh3%denisbider.com@localhost>
Subject: Re: Updated RSA SHA-2 draft / New draft: SSH Extension Negotiation
From: nisse%lysator.liu.se@localhost (Niels Möller)
Date: Mon, 09 Nov 2015 19:42:47 +0100

denis bider <ietf-ssh3%denisbider.com@localhost> writes:

> The "ecdsa-sha2-..." algorithm names (RFC 5656) do not use the "ssh-" prefix.
>
> Neither do the new formats in RFC 6187, i.e. "x509v3-rsa2048-sha256"
> and "x509v3-ecdsa-sha2-...".
>
> In my opinion, the "ssh-" prefix is superfluous. The context of SSH is
> implied by where the names are used.

The "ssh-" prefix specifies the encoding to use for keys and signatures.
My understanding is that for ecdsa- and x509v3-, the encoding is
specified by appropiate other standards. While for ssh-rsa and ssh-dss,
the encoding is ssh-specific: It is specified in the ssh transport
protocol (RFC 4253), and include strings like "ssh-rsa" as part of the
encoding.

I belive the new rsa-sha2-256 algorithm name ought to also have an
"ssh-" prefix, because the format is equally ssh specific.

> I think the use of "ssh-" prefixes for all kinds of names was a
> (small) mistake in the original design.

I disagree. And even if it were a small mistake, we should strive to
keep naming consistent.

Regards,
/Niels

-- 
Niels Möller. PGP-encrypted email is preferred. Keyid C0B98E26.
Internet email is subject to wholesale government surveillance.

References:
- Re: Updated RSA SHA-2 draft / New draft: SSH Extension Negotiation
  - From: denis bider

Prev by Date: Re: DH group exchange (Re: SSH key algorithm updates)
Next by Date: Re: Updated RSA SHA-2 draft / New draft: SSH Extension Negotiation
Previous by Thread: Re: Updated RSA SHA-2 draft / New draft: SSH Extension Negotiation
Next by Thread: Re: Updated RSA SHA-2 draft / New draft: SSH Extension Negotiation
Indexes:

Home | Main Index | Thread Index | Old Index