IETF-SSH archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
Re: Curve25519/448 key agreement for SSH
What do you find ambiguous about the definition of mpint in RFC 4251? It states:
"Represents multiple precision integers in two's complement format, stored as a string"
That's a reference to the SSH string type defined immediately before mpint, which defines its encoding as uint32 length + data.
I think this is fairly unambiguous? Furthermore, any implementation that has different ideas will already be incompatible with others.
----- Original Message -----
From: Simon Josefsson
Sent: Wednesday, November 25, 2015 17:05
To: ietf-ssh%netbsd.org@localhost
Subject: Re: Curve25519/448 key agreement for SSH
I have submited -03 which adds a MUST check for the all-zero secret, and
clarifies the mpint conversion further -- a reference to section 5 of
RFC 4251 is added which explains this properly. Unfortunately, 4251§5
doesn't say that mpint's are prepended by an uint32 with the length of
the data (or the example is wrong). Please holler if implementations do
not have the uint32 in the mpint that is hashed, or generally if you
believe the new section 2.1 could be clarified further.
https://tools.ietf.org/html/draft-josefsson-ssh-curves-03
/Simon
Home |
Main Index |
Thread Index |
Old Index