Re: agent draft updated

[Simon Tatham <anakin%pobox.com@localhost>]

Damien Miller <djm%mindrot.org@localhost> writes:

> I just uploaded a refreshed version of my ID for the SSH agent protocol
> since the old one had (long) expired.
>
> https://datatracker.ietf.org/doc/draft-miller-ssh-agent/
>
> IMO the agent protocol is widely deployed and is therefore worth
> documenting, so I'd like to see this become an RFC, but I'm not sure
> of the process to get from here to there.

I'd also like to see that.

Can I suggest one change, please? In email to you during March 2020 I
proposed a private key format for ssh-ed448, since that's defined for
the SSH protocol in general but was not defined by your agent protocol,
and you replied to me agreeing that it was the sensible format. So if
the spec is going to be published, can we have that key format added to
it?

My proposal was that ssh-ed448 should work in an exactly analogous way
to ssh-ed25519, except with a 57-byte little-endian string everywhere
that ssh-ed25519 uses a 32-byte one, so that the same formatting code
can handle both key types without any special cases. So when you add an
ed448 key to your agent, you send a 57-byte string containing the public
key, followed by a 114-byte string containing the private key and then
another copy of the public key.

Cheers,
Simon
-- 
import hashlib; print((lambda p,q,g,y,r,s,m: (lambda w:(pow(g,int(hashlib.sha1(
m.encode('ascii')).hexdigest(),16)*w%q,p)*pow(y,r*w%q,p)%p)%q)(pow(s,q-2,q))==r
and s%q!=0 and m)(12342649995480866419, 2278082317364501, 1670428356600652640,
5398151833726432125, 645223105888478, 1916678356240619, "<anakin%pobox.com@localhost>"))

-- 
import hashlib; print((lambda p,q,g,y,r,s,m: (lambda w:(pow(g,int(hashlib.sha1(
m.encode('ascii')).hexdigest(),16)*w%q,p)*pow(y,r*w%q,p)%p)%q)(pow(s,q-2,q))==r
and s%q!=0 and m)(12342649995480866419, 2278082317364501, 1670428356600652640,
5398151833726432125, 645223105888478, 1916678356240619, "<anakin%pobox.com@localhost>"))