IETF-SSH archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
Re: draft-baushke-ssh-dh-group-sha2-01 (was Re: DH group exchange)
On Thu, 11 Feb 2016, Mark D. Baushke wrote:
> Hi denis,
>
> Two questions:
>
> a) Should the draft list all of the Key Exchange Method Names
> in the https://www.ietf.org/assignments/ssh-parameters/ssh-parameters.xml
> table?
>
> If so, does the following capture the desired state?
>
> Key Exchange Method Name Reference Note
> diffie-hellman-group-exchange-sha1 RFC4419 NOT RECOMMENDED
> diffie-hellman-group-exchange-sha256 RFC4419 OPTIONAL
> diffie-hellman-group1-sha1 RFC4253 NOT RECOMMENDED
> diffie-hellman-group14-sha1 RFC4253 OPTIONAL
> ecdh-sha2-nistp256 RFC5656 REQUIRED
> ecdh-sha2-nistp384 RFC5656 REQUIRED
> ecdh-sha2-nistp521 RFC5656 REQUIRED
> ecdh-sha2-* RFC5656 OPTIONAL
> ecmqv-sha2 RFC5656 OPTIONAL
> gss-gex-sha1-* RFC4462 NOT RECOMMENDED
> gss-group1-sha1-* RFC4462 NOT RECOMMENDED
> gss-group14-sha1-* RFC4462 NOT RECOMMENDED
> gss-* RFC4462 OPTIONAL
> rsa1024-sha1 RFC4432 NOT RECOMMENDED
> rsa2048-sha256 RFC4432 OPTIONAL
> diffie-hellman-group14-sha256 This Draft OPTIONAL
> diffie-hellman-group15-sha256 This Draft REQUIRED
> diffie-hellman-group16-sha512 This Draft RECOMMENDED
> diffie-hellman-group17-sha512 This Draft OPTIONAL
> diffie-hellman-group18-sha512 This Draft OPTIONAL
list looks ok to me
> b) Is it desirable to specify all of group 14, 15, 16, 17, and 18 as
> to the hashing algorithm to be used NOW? Or, is it better to drop
> 15 and 17 for now? If so, is it desirable for group14-sha256 to be
> REQUIRED, RECOMMENDED, or OPTIONAL ?
+1 to dropping the odd-numbered groups and onlist listing group14/16/18
Home |
Main Index |
Thread Index |
Old Index