IETF-SSH archive
[Curdle] draft-ietf-curdle-ssh-modp-dh-sha2 & draft-ietf-curdle-ssh-kex-sha2
Mark D. Baushke writes:
> Key Exchange Method Name            Reference   Note
> curve25519-sha256                   ssh-curves  MUST
> diffie-hellman-group-exchange-sha1  RFC4419     SHOULD NOT
> diffie-hellman-group1-sha1          RFC4253     SHOULD NOT
> diffie-hellman-group14-sha1         RFC4253     SHOULD
> diffie-hellman-group14-sha256       new-modp    MUST
> diffie-hellman-group16-sha512       new-modp    SHOULD
> ecdh-sha2-nistp256                  RFC5656     SHOULD
> ecdh-sha2-nistp384                  RFC5656     SHOULD
> ecdh-sha2-nistp521                  RFC5656     SHOULD
> gss-gex-sha1-*                      RFC4462     SHOULD NOT
> gss-group1-sha1-*                   RFC4462     SHOULD NOT
> gss-group14-sha1-*                  RFC4462     SHOULD
> gss-group14-sha256-*                new-modp    SHOULD
> gss-group16-sha512-*                new-modp    SHOULD
> rsa1024-sha1                        RFC4432     SHOULD NOT

(I removed algorithms with status of MAY, to make it shorter).

That looks mostly ok. Most of the sha1 -> SHOULD NOT, with the exception
of the diffie-hellman-group14-sha1 and gss-group14-sha1-*, which are
still kept as SHOULD for backwards compatibility reasons.

The MUSTs are good, but there seems to be quite a lot of SHOULD
versions. Is there really a need for that many SHOULD algorithms? For
example, is there a reason to keep ecdh-sha2-* as SHOULD when
curve25519-sha256 will be MUST?

Also, is there a need to update other algorithms, i.e. encryption
algorithms, MAC algorithms, public key names, compression algorithms
etc? Are the implementation requirements for them up to date (I do not
know, as I have no idea which of them are now mandatory to implement,
and which are not).
--
kivinen%iki.fi@localhost
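
Added example, not part of the original message or of either draft: a small Python audit that grades a comma-separated kex name-list (the form sent in SSH_MSG_KEXINIT or set in a KexAlgorithms option) against the requirement levels quoted above. The function names, the sample list and the placeholder GSS suffix are assumptions made for illustration.

```python
from fnmatch import fnmatchcase

# Levels exactly as quoted in the message above; MAY entries were left out there.
LEVELS = {
    "curve25519-sha256": "MUST",
    "diffie-hellman-group-exchange-sha1": "SHOULD NOT",
    "diffie-hellman-group1-sha1": "SHOULD NOT",
    "diffie-hellman-group14-sha1": "SHOULD",
    "diffie-hellman-group14-sha256": "MUST",
    "diffie-hellman-group16-sha512": "SHOULD",
    "ecdh-sha2-nistp256": "SHOULD",
    "ecdh-sha2-nistp384": "SHOULD",
    "ecdh-sha2-nistp521": "SHOULD",
    "gss-gex-sha1-*": "SHOULD NOT",
    "gss-group1-sha1-*": "SHOULD NOT",
    "gss-group14-sha1-*": "SHOULD",
    "gss-group14-sha256-*": "SHOULD",
    "gss-group16-sha512-*": "SHOULD",
    "rsa1024-sha1": "SHOULD NOT",
}

def level_for(name):
    """Quoted level for one kex name, or None when the table does not list it."""
    for pattern, level in LEVELS.items():
        if fnmatchcase(name, pattern):  # '*' covers the per-mechanism GSS suffix
            return level
    return None

def audit(name_list):
    """Grade a comma-separated kex name-list (preference order, best first)."""
    offered = [n.strip() for n in name_list.split(",") if n.strip()]
    graded = [(n, level_for(n)) for n in offered]
    first_must = next((i for i, (_, l) in enumerate(graded) if l == "MUST"), len(graded))
    return {
        "should_not": [n for n, l in graded if l == "SHOULD NOT"],
        "unlisted": [n for n, l in graded if l is None],  # MAY or not in the table
        "missing_must": [p for p, l in LEVELS.items()
                         if l == "MUST" and not any(fnmatchcase(n, p) for n in offered)],
        # SHOULD NOT names ranked above every MUST name are preferred
        # whenever the peer also supports them.
        "should_not_preferred": [n for i, (n, l) in enumerate(graded)
                                 if l == "SHOULD NOT" and i < first_must],
    }

# Constructed sample list; the GSS suffix is a placeholder, not a real mechanism id.
SAMPLE = ("diffie-hellman-group1-sha1,curve25519-sha256,"
          "curve25519-sha256@libssh.org,gss-group1-sha1-EXAMPLEMECH==,"
          "ecdh-sha2-nistp256")

if __name__ == "__main__":
    for key, names in audit(SAMPLE).items():
        print(f"{key}: {', '.join(names) or '-'}")
```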