IETF-SSH archive


Re: Feedback on draft-ssh-ext-info-00



Presence of "rsa-sha2-256" as a host key signature algorithm cannot reliably serve as an indicator for user authentication, because it requires the server to actually have an RSA host key.

The server might only have an ECDSA host key, but may still accept and prefer "rsa-sha2-256" signatures for client authentication.

Or the server might have an ECDSA host key, and NOT accept "rsa-sha2-256" for client authentication, but instead require "rsa-sha2-512".


----- Original Message -----
From: Peter Gutmann
Sent: Wednesday, December 2, 2015 17:14
To: Markus Friedl ; ietf-ssh%netbsd.org@localhost
Cc: Damien Miller
Subject: RE: Feedback on draft-ssh-ext-info-00

Markus Friedl <mfriedl%gmail.com@localhost> writes:

>I'm in the process of implementing draft-rsa-dsa-sha2-256-03 and welcome a
>way for signaling SHA2 support to the client for userauth,

Doesn't the presence of "rsa-sha2-256" do this?  The client proposes it, and
if the server supports it, they indicate via the algorithm string.  It's
pretty much independent of draft-ssh-ext-info-00 (I know it specifies
"server-sig-algs", but it seems that specifying "rsa-sha2-256" was already
sufficient to indicate this).

Peter.
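
Added example (not part of either message and not taken from the drafts): the two ECDSA-only server cases from the reply at the top of this page, with a client choosing its RSA user-authentication signature algorithm from the KEXINIT host key list versus from "server-sig-algs". It uses the SSH_MSG_EXT_INFO layout of RFC 8308, the published form of the extension draft; the sample servers, function names, client preference order and the fallback to "ssh-rsa" are assumptions.

```python
import struct

SSH_MSG_EXT_INFO = 7  # message number assigned in RFC 8308
CLIENT_RSA_PREFS = ["rsa-sha2-256", "rsa-sha2-512", "ssh-rsa"]  # assumed client order

def _string(data):
    return struct.pack(">I", len(data)) + data

def build_ext_info(extensions):
    """Encode a constructed SSH_MSG_EXT_INFO payload (used only for sample data)."""
    body = b"".join(_string(name.encode()) + _string(",".join(algs).encode())
                    for name, algs in extensions.items())
    return bytes([SSH_MSG_EXT_INFO]) + struct.pack(">I", len(extensions)) + body

def parse_ext_info(payload):
    """Decode: byte type, uint32 nr-extensions, then (string name, string value) pairs."""
    if len(payload) < 5 or payload[0] != SSH_MSG_EXT_INFO:
        raise ValueError("not an SSH_MSG_EXT_INFO payload")
    (count,) = struct.unpack_from(">I", payload, 1)
    pos, fields = 5, []
    for _ in range(2 * count):
        if pos + 4 > len(payload):
            raise ValueError("truncated length field")
        (n,) = struct.unpack_from(">I", payload, pos)
        if pos + 4 + n > len(payload):
            raise ValueError("truncated string")
        fields.append(payload[pos + 4:pos + 4 + n])
        pos += 4 + n
    return {fields[i].decode("ascii"): fields[i + 1] for i in range(0, len(fields), 2)}

def guess_from_host_key_algs(server_host_key_algs):
    """Heuristic questioned in the thread; assumed fallback is legacy "ssh-rsa"."""
    return "rsa-sha2-256" if "rsa-sha2-256" in server_host_key_algs else "ssh-rsa"

def pick_from_server_sig_algs(ext_info_payload):
    """Choose the first client-preferred RSA algorithm the server says it accepts."""
    value = parse_ext_info(ext_info_payload).get("server-sig-algs", b"")
    accepted = value.decode("ascii").split(",")
    return next((alg for alg in CLIENT_RSA_PREFS if alg in accepted), None)

# Constructed servers: both hold only an ECDSA host key.
ECDSA_ONLY_KEXINIT = ["ecdsa-sha2-nistp256"]
SERVER_A = build_ext_info({"server-sig-algs": ["ecdsa-sha2-nistp256", "rsa-sha2-256", "rsa-sha2-512"]})
SERVER_B = build_ext_info({"server-sig-algs": ["ecdsa-sha2-nistp256", "rsa-sha2-512"]})

if __name__ == "__main__":
    for label, ext in (("A", SERVER_A), ("B", SERVER_B)):
        print(label, "host-key guess:", guess_from_host_key_algs(ECDSA_ONLY_KEXINIT),
              "| server-sig-algs:", pick_from_server_sig_algs(ext))
```

For both sample servers the host key list gives the same answer, while "server-sig-algs" separates the server that accepts "rsa-sha2-256" from the one that requires "rsa-sha2-512".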


