IETF-SSH archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
Re: Feedback on draft-ssh-ext-info-00
Appreciated. That looks like a good thing to have, I will request that we implement this.
Damien Miller <djm%mindrot.org@localhost> , 12/3/2015 4:08 AM:
On Thu, 3 Dec 2015, denis bider wrote:
> Another possible way to use the key exchange algorithms field for an
> extension in parallel with EXT_INFO might be to change the way SSH host key
> algorithms are negotiated, for example. The current negotiation rules have
> serious drawbacks, not least that the client has no way of learning the SSH
> server's other host keys if it already trusts one.
You might be interested in:
https://anongit.mindrot.org/openssh.git/tree/PROTOCOL?id=f0191d7c8#n284
Hostkey rotation within the current protocol with no messing around
with KEXINIT.
-d
Home |
Main Index |
Thread Index |
Old Index