[Curdle] Protocol Action: 'GSS-API Key Exchange with SHA2' to Proposed Standard (draft-ietf-curdle-gss-keyex-sha2-10.txt)

The IESG <iesg-secretary@ietf.org> Wed, 07 August 2019 15:58 UTC

Archived-At: <https://mailarchive.ietf.org/arch/msg/curdle/5_S8YIJOgSvJ3RJ2O4XFG8LF9h4>

The IESG has approved the following document:
- 'GSS-API Key Exchange with SHA2'
  (draft-ietf-curdle-gss-keyex-sha2-10.txt) as Proposed Standard

This document is the product of the CURves, Deprecating and a Little more
Encryption Working Group.

The IESG contact persons are Benjamin Kaduk and Roman Danyliw.

A URL of this Internet Draft is:
https://datatracker.ietf.org/doc/draft-ietf-curdle-gss-keyex-sha2/




Technical Summary

   This document specifies additions and amendments to SSH GSS-API
   Methods [RFC4462].  It defines a new key exchange method that uses
   SHA-2 for integrity and deprecates weak DH groups.  The purpose of
   this specification is to modernize the cryptographic primitives used
   by GSS Key Exchanges.

Working Group Summary

No serious issues were raised with this document, but it received little
feedback overall. 

Document Quality

The only currently known implementations are patches for OpenSSH in Fedora:
https://src.fedoraproject.org/rpms/openssh/blob/master/f/openssh-7.5p1-gssapi-kex-with-ec.patch


Personnel

Daniel Migault is the document shepherd.
Benjamin Kaduk is the responsible Area Director.


RFC Editor Note

In Section 5.1, sixth paragraph, please remove "according
to Section 4 of [RFC5656]" from the first sentence; that reference
is incorrect and RFC 7546 is (correctly) cited three paragraphs earlier.