IETF-SSH archive


Re: [saag] potential new wg - curdle...



"Mark D. Baushke" <mdb%juniper.net@localhost> writes:

> Given that current implementations of this informational RFC are using
> AEAD_AES_128_GCM and AEAD_AES_256_GCM and all of the standards track
> Cipher algorithms use lowercase with '-' as word separators, I would
> suggest that 'aes128-gcm' and 'aes256-gcm' may be more appropriate and
> that they should NOT be added to the MAC Algorithms Names in IANA.

The openssh way of ignoring the mac negotiation completely, if an aead
cipher is negotiated, seems nice and simple. How does it interact with
first_kex_packet_follows logic, does that need any clarification (a
simple rule is to say that if both sides advertise the same aead cipher
as the first cipher, then for first_kex_packet_follows purposes, the mac
negotiation is considered successful and correctly guessed)?

Not sure if it has a place in the same rfc, but I think a proper
specification for use of aead is quite important.

Regards,
/niels

-- 
Niels Möller. PGP-encrypted email is preferred. Keyid C0B98E26.
Internet email is subject to wholesale government surveillance.
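
An added example, not part of the original message: a minimal Python model of the rule discussed above, in which the MAC lists are ignored once an AEAD cipher is chosen, and of how that changes whether a first_kex_packet_follows guess counts as right under RFC 4253. The function names, the AEAD set (the two names quoted in the thread) and the sample KEXINIT lists are constructed assumptions, and only one direction is modelled.

```python
# Added illustration; not code from OpenSSH or from any RFC.
# Assumption: the AEAD set holds the two names quoted in the thread.
AEAD_CIPHERS = {"AEAD_AES_128_GCM", "AEAD_AES_256_GCM"}

def pick(client_list, server_list):
    """RFC 4253 selection: first name on the client's list the server also lists."""
    return next((name for name in client_list if name in server_list), None)

def negotiate(client, server, skip_mac_for_aead=True):
    """Return (cipher, mac). mac is None when the MAC lists were ignored."""
    cipher = pick(client["enc"], server["enc"])
    if cipher is None:
        raise ValueError("no common cipher")
    if skip_mac_for_aead and cipher in AEAD_CIPHERS:
        return cipher, None  # AEAD cipher authenticates itself; MAC lists unused
    mac = pick(client["mac"], server["mac"])
    if mac is None:
        raise ValueError("no common MAC")
    return cipher, mac

def guess_is_right(client, server, skip_mac_for_aead=True):
    """first_kex_packet_follows check: the guess is right when both sides
    prefer the same kex and host key algorithm and every other algorithm
    can be agreed upon."""
    if client["kex"][0] != server["kex"][0]:
        return False
    if client["hostkey"][0] != server["hostkey"][0]:
        return False
    try:
        negotiate(client, server, skip_mac_for_aead)
    except ValueError:
        return False
    return True

# Constructed KEXINIT name-lists: same AEAD cipher first, disjoint MAC lists.
CLIENT = {"kex": ["curve25519-sha256"], "hostkey": ["ssh-ed25519"],
          "enc": ["AEAD_AES_128_GCM", "aes128-ctr"], "mac": ["hmac-sha2-256"]}
SERVER = {"kex": ["curve25519-sha256"], "hostkey": ["ssh-ed25519"],
          "enc": ["AEAD_AES_128_GCM", "aes128-ctr"], "mac": ["hmac-sha1"]}

if __name__ == "__main__":
    print("MAC ignored for AEAD:", guess_is_right(CLIENT, SERVER))
    print("MAC always negotiated:", guess_is_right(CLIENT, SERVER, False))
```

With the MAC lists ignored the guess is right and the optimistic first kex packet is used; if the MAC is always negotiated, the same two KEXINIT messages make the guess wrong and the connection fails, which is the ambiguity a specification would have to settle.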


