Re: [Curdle] RFC 8308 on Extension Negotiation in the Secure Shell (SSH) Protocol

Peter Gutmann <> Wed, 21 March 2018 05:49 UTC

denis bider <> writes:

>That depends - which extensions do you have in mind to test? In what way in
>particular would you like to test them?

It was actually meant for both of the new RFCs, the RSA one to regression-test
that nothing has broken since versions based on the drafts were written (e.g.
in regard to fixed- vs variable-length RSA blocks :-), the extension one just
to check that extensions sent and received are correctly handled without
anything choking.  The actual extension doesn't matter, just the message flow.

>If you are looking for "server-sig-algs", this is by now fairly widely
>implemented in e.g. the latest versions of OpenSSH, and Bitvise SSH Server
>and Client versions 7.xx.

OK, I'll see if I can set up a recent OpenSSH to bounce some messages off.  I
just want to make sure that both RSA and extension messages are handled