IETF-SSH archive
Re: Terrapin
>> In the EXT_INFO case, I really think the right thing would have been
>> to make it a global request.

> Unfortunately, you need to send it before userauth if you're going to
> use it to change RSA signature types _during_ userauth. And global
> requests are part of the ssh-connection subprotocol, [...]

! Thank you; I wasn't reading carefully enough.

This sounds to me like an argument for something like a global-request
but at the BPP layer, ideally the 1-19 range but that is likely to take
significant time. I'd use something in the 192-255 range to experiment
with and, if it seems sound, then someone with a stronger stomach for
politics than I can try to get it turned into an RFC. For
concreteness, I'll propose using 213, which I picked randomly (by
reading single bytes from /dev/urandom until I got one in the right
range), for experimenting.

As a strawman proposal in case this sounds good, I propose a packet
that looks just like GLOBAL_REQUEST but with a different packet type:

    byte      SSH_MSG_whatever_we_call_it
    string    request name
    boolean   want reply
    ....      request-specific data

/~\ The ASCII Mouse
\ / Ribbon Campaign
X Against HTML mouse%rodents-montreal.org@localhost
/ \ Email! 7D C8 61 52 5D E7 2D 39 4E F1 31 3E E8 B3 27 4B
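
The strawman layout in the message above, as an added example that is not part of the original post: a Python encoder and a bounds-checked parser for the payload, using the RFC 4251 encodings of byte, string and boolean. The constant name SSH_MSG_BPP_REQUEST, the PacketError class and the request name used in testing are hypothetical; only the value 213 and the field order come from the message.

```python
import struct

# Experimental packet type proposed in the message (192-255 range).
# The constant's name is hypothetical; the message leaves it unnamed.
SSH_MSG_BPP_REQUEST = 213


class PacketError(ValueError):
    """Raised when a payload does not match the strawman layout."""


def encode_request(name: str, want_reply: bool, data: bytes = b"") -> bytes:
    """Build: byte type, string request name, boolean want reply, data."""
    raw = name.encode("ascii")  # request names are US-ASCII, as in GLOBAL_REQUEST
    return (bytes([SSH_MSG_BPP_REQUEST])
            + struct.pack(">I", len(raw)) + raw   # string = uint32 length + bytes
            + bytes([1 if want_reply else 0])     # senders store only 0 or 1
            + data)


def parse_request(payload: bytes):
    """Return (name, want_reply, request_specific_data) or raise PacketError."""
    if len(payload) < 1 or payload[0] != SSH_MSG_BPP_REQUEST:
        raise PacketError("not the experimental request type")
    if len(payload) < 5:
        raise PacketError("truncated before the name length")
    (name_len,) = struct.unpack(">I", payload[1:5])
    # The length comes from the peer: it must fit in what was received
    # and still leave one byte for the want-reply boolean.
    if name_len > len(payload) - 6:
        raise PacketError("name length exceeds payload")
    try:
        name = payload[5:5 + name_len].decode("ascii")
    except UnicodeDecodeError as exc:
        raise PacketError("request name is not US-ASCII") from exc
    # RFC 4251: any non-zero value is interpreted as TRUE on receipt.
    want_reply = payload[5 + name_len] != 0
    return name, want_reply, payload[6 + name_len:]
```
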