IETF-SSH archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
Re: [Curdle] draft-ietf-curdle-ssh-modp-dh-sha2 & draft-ietf-curdle-ssh-kex-sha2
Tero Kivinen <kivinen%iki.fi@localhost> writes:
> Mark D. Baushke writes:
> > > Also, is there need to update other algorithms, i.e. encryption
> > > algorithms, MAC algorithms, Public key names, comperssion algorithms
> > > etc? Are the implementation requirements for them up to date (I do not
> > > know, as I have no idea which of them are now mandatory to implement,
> > > and which are not).
> >
> > Good question. I am not sure if they are all being managed by the Curdle
> > Group or not....
>
> Curdle charter says:
>
> CURDLE - CURves, Deprecating and a Little more Encryption
>
...elided...
> so it seems to fit well to curdle charter, if we deprecate and collect
> mandatory to implement ciphers to one document.
I agree.
> > I am not sure that they all belong in one document or not. It seems
> > like it might be better for each section to have its own document
> > specifying the MUST/SHOULD/MAY/SHOULD NOT advise...
>
> I would suggest we collect all "Algorithm Implementation Requirements
> and Usage Guidance for ssh" in one document here too.
Are we going to adopt all of the SSH changes at one IETF?
Right now, I am the author of two related drafts:
draft-ietf-curdle-ssh-kex-sha2
draft-ietf-curdle-ssh-modp-dh-sha2
they deal with updates to Key Exchange Algorithm Methods.
Of the current CURDLE documents
https://datatracker.ietf.org/wg/curdle/documents/
the only SSH drafts are:
draft-ietf-curdle-rsa-sha2-02
draft-ietf-curdle-ssh-ed25519-00
draft-ietf-curdle-ssh-ext-info-01
draft-ietf-curdle-ssh-kex-sha2
draft-ietf-curdle-ssh-modp-dh-sha2
and the rest are:
draft-ietf-curdle-cms-chacha20-poly1305-01
draft-ietf-curdle-cms-ecdh-new-curves-01
draft-ietf-curdle-cms-eddsa-signatures-00
draft-ietf-curdle-dnskey-eddsa-00
draft-ietf-curdle-pkix-01
I just realized that the
draft-ietf-curdle-ssh-curves-00
draft has expired on September 9, 2016 and not been resubmitted, so
there is no ed25519-sha256 or curve448-sha512 KEX currently in an active
draft.
To the best of my understanding, no draft to add chacha20-poly1305 to
SSH similar to what has been added to OpenSSH has been written.
To the best of my understanding, no draft to fix the AEAD_AES_128_GCM
and AEAD_AES_256_GCM to negotiate in a way similar to OpenSSH have been
written.
Given the current drafts, they appear to impact only:
Key Exchange Method Names:
http://www.iana.org/assignments/ssh-parameters/
ssh-parameters.xhtml#ssh-parameters-16
Public Key Algorithm Names:
http://www.iana.org/assignments/ssh-parameters/
ssh-parameters.xhtml#ssh-parameters-19
Are there any other documents I have missed?
> In draft-ietf-ipsecme-rfc4307bis-12 for IKEv2 we even specified the
> mandatory to implement authentication methods, and recommended key
> lengths (see section 4.1.1). We also provide little bit of background
> reasoning for the MUST/SHOULD/MUST NOT/SHOULD NOT algorithms.
Okay.
-- Mark
Home |
Main Index |
Thread Index |
Old Index