IETF-SSH archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
Re: Feedback on draft-ssh-ext-info-00
Presence of "rsa-sha2-256" as a host key signature algorithm cannot reliably serve as an indicator for user authentication, because it requires the server to actually have an RSA host key.
The server might only have an ECDSA host key; but may still accept and prefer "rsa-sha2-256" signatures for client authentication.
Or the server might have an ECDSA host key, and NOT accept "rsa-sha2-256" for client authentication, but instead require "rsa-sha2-512".
----- Original Message -----
From: Peter Gutmann
Sent: Wednesday, December 2, 2015 17:14
To: Markus Friedl ; ietf-ssh%netbsd.org@localhost
Cc: Damien Miller
Subject: RE: Feedback on draft-ssh-ext-info-00
Markus Friedl <mfriedl%gmail.com@localhost> writes:
>I'm in the process of implementing draft-rsa-dsa-sha2-256-03 and welcome a
>way for signaling SHA2 support to the client for userauth,
Doesn't the presence of "rsa-sha2-256" do this? The client proposes it, and
if the server supports it, they indicate via the algorithm string. It's
pretty much independent of draft-ssh-ext-info-00 (I know it specifies
"server-sig-algs", but it seems that specifying "rsa-sha2-256" was already
sufficient to indicate this).
Peter.
Home |
Main Index |
Thread Index |
Old Index