Re: agent draft updated

[Simon Tatham <anakin%pobox.com@localhost>]

Damien Miller <djm%mindrot.org@localhost> wrote:
> Sorry for missing that. I've uploaded a new draft with Ed25519 generalised
> to EDDSA:

Looks good, thanks.

Another thing I don't see in this document is how it ties in to the SSH
protocol itself, via agent forwarding. As currently written, this spec
is only useful to people communicating locally with an agent.

I suppose that the current agent-forwarding messages aren't quite
suitable for standardising as they are, because they have @openssh.com
identifiers in the forwarding request and the channel type. But we could
define new synonyms without them, in the usual way when implementation-
specific features get promoted to standards.

(Although we probably shouldn't use the obvious names "auth-agent-req"
and "auth-agent", because those were the names used in the 2002
draft-ietf-secsh-agent which specified a totally different protocol. We
should probably also clarify that that protocol and this one are
unrelated.)

Cheers,
Simon

-- 
for k in [pow(x,37,0x1a1298d262b49c895d47f) for x in [0x50deb914257022de7fff,
0x213558f2215127d5a2d1, 0x90c99e86d08b91218630, 0x109f3d0cfbf640c0beee7,
0xc83e01379a5fbec5fdd1, 0x19d3d70a8d567e388600e, 0x534e2f6e8a4a33155123]]:
 print("".join([chr(32+3*((k>>x)&1))for x in range(79)])) # <anakin%pobox.com@localhost>