Re: [Curdle] I-D Action: draft-ietf-curdle-ssh-kex-sha2-17.txt

To: mbaushke ietf <mbaushke.ietf%gmail.com@localhost>
Subject: Re: [Curdle] I-D Action: draft-ietf-curdle-ssh-kex-sha2-17.txt
From: Benjamin Kaduk <kaduk%mit.edu@localhost>
Date: Wed, 12 May 2021 12:06:47 -0700

On Wed, May 12, 2021 at 12:04:07PM -0700, mbaushke ietf wrote:
> Hi Folks,
> 
> Other than this change in section 3.1.2 suggested by Simon Tatham
> 
> $ diff -u draft-ietf-curdle-ssh-kex-sha2-17.txt draft-ietf-curdle-ssh-kex-sha2-18.txt
> --- draft-ietf-curdle-ssh-kex-sha2-17.txt	2021-04-22 12:59:36.000000000 -0700
> +++ draft-ietf-curdle-ssh-kex-sha2-18.txt	2021-05-12 12:00:55.000000000 -0700
> @@ -483,12 +483,12 @@
> 
>     Curve448 provides more security strength than Curve25519 at a higher
>     computational and bandwidth cost.  The corresponding key exchange
> -   methods use SHA2-512 (also known as SHA-512) defined in [RFC6234] for
> -   integrity is a reasonable one for both the KDF and integrity for use
> -   with both gss and non-gss uses of curve448 key exchange methods.
> -   These key exchange methods are described in [RFC8731] and [RFC8732]
> -   and are similar to the IKEv2 key agreement described in [RFC8031].
> -   The curve448-sha512 key exchange method MAY be implemented.  The gss-
> +   methods use SHA2-512 (also known as SHA-512) defined in [RFC6234].
> +   SHA2-512 is a reasonable hash in both the KDF and integrity in both
> +   gss and non-gss uses of curve448 key exchange methods.  These key
> +   exchange methods are described in [RFC8731] and [RFC8732] and are
> +   similar to the IKEv2 key agreement described in [RFC8031].  The
> +   curve448-sha512 key exchange method MAY be implemented.  The gss-
>     curve448-sha512-* key exchange method MAY also be implemented because
>     it shares the same performance and security characteristics as
>     curve448-sha512.
> 
> diff -u -r1.1 draft-ietf-curdle-ssh-kex-sha2-18.xml
> --- draft-ietf-curdle-ssh-kex-sha2-18.xml	2021/04/22 19:48:58	1.1
> +++ draft-ietf-curdle-ssh-kex-sha2-18.xml	2021/04/23 06:41:30
> @@ -783,11 +783,11 @@
>              The corresponding key exchange methods use SHA2-512 (also
>              known as SHA-512) defined in
> 
> -            <xref target="RFC6234" format="default"/>
> +            <xref target="RFC6234" format="default"/>.
> 
> -            for integrity is a reasonable one for both the KDF and
> -            integrity for use with both gss and non-gss uses of
> -            curve448 key exchange methods.
> +            SHA2-512 is a reasonable hash in both the KDF and
> +            integrity in both gss and non-gss uses of curve448 key
> +            exchange methods.
> 
>              These key exchange methods are described in
> 
> Is there anything else to be addressed in this draft?

Funnily enough, I was literally looking over the diff as your note arrived.
I will have a similar change in §3.1.1 to make, and maybe a couple other
nits that could be fixed at the same time.

-Ben

References:
- Re: [Curdle] I-D Action: draft-ietf-curdle-ssh-kex-sha2-17.txt
  - From: mbaushke ietf
- Re: [Curdle] I-D Action: draft-ietf-curdle-ssh-kex-sha2-17.txt
  - From: James Ralston
- Re: [Curdle] I-D Action: draft-ietf-curdle-ssh-kex-sha2-17.txt
  - From: mbaushke ietf

Prev by Date: Re: [Curdle] I-D Action: draft-ietf-curdle-ssh-kex-sha2-17.txt
Next by Date: When SSH standards noncompliance is a "feature"
Previous by Thread: Re: [Curdle] I-D Action: draft-ietf-curdle-ssh-kex-sha2-17.txt
Next by Thread: Better handling of SSH_MSG_KEX_DH_GEX_REQUEST
Indexes:

Home | Main Index | Thread Index | Old Index