IETF-SSH archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
Re: draft-baushke-ssh-dh-group-sha2-01 (was Re: DH group exchange)
Hi denis,
Two questions:
a) Should the draft list all of the Key Exchange Method Names
in the https://www.ietf.org/assignments/ssh-parameters/ssh-parameters.xml
table?
If so, does the following capture the desired state?
Key Exchange Method Name Reference Note
diffie-hellman-group-exchange-sha1 RFC4419 NOT RECOMMENDED
diffie-hellman-group-exchange-sha256 RFC4419 OPTIONAL
diffie-hellman-group1-sha1 RFC4253 NOT RECOMMENDED
diffie-hellman-group14-sha1 RFC4253 OPTIONAL
ecdh-sha2-nistp256 RFC5656 REQUIRED
ecdh-sha2-nistp384 RFC5656 REQUIRED
ecdh-sha2-nistp521 RFC5656 REQUIRED
ecdh-sha2-* RFC5656 OPTIONAL
ecmqv-sha2 RFC5656 OPTIONAL
gss-gex-sha1-* RFC4462 NOT RECOMMENDED
gss-group1-sha1-* RFC4462 NOT RECOMMENDED
gss-group14-sha1-* RFC4462 NOT RECOMMENDED
gss-* RFC4462 OPTIONAL
rsa1024-sha1 RFC4432 NOT RECOMMENDED
rsa2048-sha256 RFC4432 OPTIONAL
diffie-hellman-group14-sha256 This Draft OPTIONAL
diffie-hellman-group15-sha256 This Draft REQUIRED
diffie-hellman-group16-sha512 This Draft RECOMMENDED
diffie-hellman-group17-sha512 This Draft OPTIONAL
diffie-hellman-group18-sha512 This Draft OPTIONAL
Note: I do not know of any rsa2048-sha256 implementations from RFC4432,
I suspect at least someone is using it or it would not be in RFC4432,
who is using it? A similar question for gss-* and RFC4462 comes to mind
as well.
b) Is it desirable to specify all of group 14, 15, 16, 17, and 18 as
to the hashing algorithm to be used NOW? Or, is it better to drop
15 and 17 for now? If so, is it desirable for group14-sha256 to be
REQUIRED, RECOMMENDED, or OPTIONAL ?
diffie-hellman-group14-sha256 This Draft RECOMMENDED
diffie-hellman-group16-sha512 This Draft RECOMMENDED
diffie-hellman-group18-sha512 This Draft OPTIONAL
Thank you for your consideration.
-- Mark
Home |
Main Index |
Thread Index |
Old Index