Re: [Curdle] draft-ietf-curdle-ssh-modp-dh-sha2 & draft-ietf-curdle-ssh-kex-sha2

[Damien Miller <djm%mindrot.org@localhost>]

On Tue, 13 Sep 2016, Mark D. Baushke wrote:

> > IMO these two should be MAY. Most implementations don't support
> > GSSAPI key exchange at all.
> 
> Perhaps I need a paragraph like this one:
> 
>      If GSS-API methods are available, then the RFC4462 REQUIRED
>      gss-group14-sha1-* method SHOULD be retained for compatibility
>      with older Secure Shell implementations and the
>      gss-groups14-sha256-* method SHOULD be added as for "sha1".

Sounds good, and maybe with an asterisk or footnote marker next
to the SHOULD in the main list.

-d