IETF-SSH archive


Re: [Curdle] sntrup761x25519-sha512





On Tue, May 16, 2023, 12:53 John Mattsson <john.mattsson%ericsson.com@localhost> wrote:

> I think it is problematic that the registration procedure for "Key Exchange Method Names" is "IETF Review".

It's really not. Anyone can define a method with a name scoped to a domain name they control. That naming system was designed to allow privately-defined methods to be deployed quickly and interoperably without the need for registration. Names with no @domain suffix are intended for methods defined by the IETF.

> Most of the registries are strings so there is no limit to the number of code points.

There is, because those strings have relatively small length limits.

> It would have been good if draft-josefsson-ntruprime-ssh could have made the registration.

It does; that is pretty much the entire point of the draft. Of course, as with any internet-draft, it doesn't actually have any effect until published as an (in this case, IETF-stream) RFC.

This document does not require reopening any WG; the SSH community is no stranger to defining algorithms, methods, and protocol extensions via individual submissions to the IETF.

> - I do think IETF should reopen CURDLE for registering the standardized NIST algorithms.

Perhaps, if the intent is to organize work to define use of those algorithms across a variety of protocol suites. Possibly such work would also include updating recommended algorithms for such protocols. Those tasks would be well in line with CURDLE's previous work.

> - I think IETF should change the registration policies for the SSH registries.

I don't.  The policies adopted for the various SSH-related registries are the result of careful design and extensive discussion and deliberation. For string identifiers, there is a systematic private extensibility mechanism and a portion of the namespace effectively reserved for the IETF. My memory on this is a little vague at this point, but I seem to recall we already relaxed those from "Standards Action" to "IETF Review", which has the effect that Simon's document need not be on the standards track to register the name.

-- Jeff 
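An added example, not part of the original message: a Python checker that sorts the entries of an SSH name-list into the IETF-reserved namespace (no `@`), the private `name@domain` namespace, or invalid, which is the split the reply describes. It assumes the naming rules of RFC 4251 section 6 (64-character limit, printable US-ASCII, no comma or whitespace, a single at-sign); the function names and the sample list are constructed for illustration.

```python
import re

MAX_NAME_LEN = 64  # RFC 4251 section 6 limit on algorithm/method names

# One DNS label: letters, digits, hyphens; no leading/trailing hyphen; max 63 chars.
_LABEL = re.compile(r"^[A-Za-z0-9](?:[A-Za-z0-9-]{0,61}[A-Za-z0-9])?$")


def classify_name(name: str) -> str:
    """Return 'ietf', 'private:<domain>' or 'invalid:<reason>' for one name.

    'ietf' only means the name lies in the namespace reserved for
    IETF-defined methods; it does not prove the name is registered.
    """
    if not name:
        return "invalid:empty"
    if len(name) > MAX_NAME_LEN:
        return "invalid:too-long"
    # Printable US-ASCII only: no whitespace, control characters, DEL or comma.
    if any(not (32 < ord(c) < 127) or c == "," for c in name):
        return "invalid:bad-character"
    if "@" not in name:
        return "ietf"
    if name.count("@") != 1:
        return "invalid:multiple-at-signs"
    _, domain = name.split("@")
    labels = domain.split(".")
    # Assumption of this example: a fully qualified domain has at least two labels.
    if len(labels) < 2 or not all(_LABEL.match(label) for label in labels):
        return "invalid:bad-domain"
    return "private:" + domain


def classify_name_list(name_list: str) -> dict:
    """Classify every entry of a comma-separated SSH name-list."""
    return {n: classify_name(n) for n in name_list.split(",")}


# Constructed sample: a key exchange name-list mixing both namespaces and bad entries.
SAMPLE = ("sntrup761x25519-sha512,sntrup761x25519-sha512@openssh.com,"
          "curve25519-sha256,kex@bad@example.org," + "x" * 65)

if __name__ == "__main__":
    for name, verdict in classify_name_list(SAMPLE).items():
        print(f"{verdict:28} {name}")
```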

