IETF-SSH archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

Re: [saag] potential new wg - curdle...



Niels Möller <nisse%lysator.liu.se@localhost> writes:

> "Mark D. Baushke" <mdb%juniper.net@localhost> writes:
> 
> > Given that current implementatons of this informational RFC are using
> > AEAD_AES_128_GCM and AEAD_AES_256_GCM and all of the standards track
> > Cipher algorithms use lowercase with '-' as word separators, I would
> > suggest that 'aes128-gcm' and 'aes256-gcm' may be more appropriate and
> > that they should NOT be added to the MAC Algorithms Names in IANA.
> 
> THe openssh way of ignoring the mac negotiation completely, if an aead
> cipher is negotiated, seems nice and simple. How does it interact with
> first_kex_packet_follows logic, does that need any clarification (a
> simple rule is to say that if both sides advertise the same aead cipher
> as the first cipher, then for first_kex_packet_follows purposes, the mac
> negotiation is considered successful and correctly guessed)?

I am not sure that first_kex_packet_follows would guess properly because
the first listed algorithm must be the same on both sides and I am not
sure that will be true very often given the number of different host key
algorithms that exist.

> Not sure if it has a place in the same rfc, but I think a proper
> specification for use aead is quite inportant.

Okay.

	Thanks,
	-- Mark



Home | Main Index | Thread Index | Old Index