IETF Logo Mail Archive

Re: [Curdle] I-D Action: draft-ietf-curdle-ssh-kex-sha2-09.txt

Daniel Migault <daniel.migault@ericsson.com> Mon, 07 August 2017 16:08 UTC

Return-Path: <mglt.ietf@gmail.com>
X-Original-To: curdle@ietfa.amsl.com
Delivered-To: curdle@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 07B9A13263A for <curdle@ietfa.amsl.com>; Mon, 7 Aug 2017 09:08:13 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.399
X-Spam-Level:
X-Spam-Status: No, score=-2.399 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, FREEMAIL_FORGED_FROMDOMAIN=0.199, FREEMAIL_FROM=0.001, HEADER_FROM_DIFFERENT_DOMAINS=0.001, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_LOW=-0.7, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id vec_O0ZSJ87c for <curdle@ietfa.amsl.com>; Mon, 7 Aug 2017 09:08:10 -0700 (PDT)
Received: from mail-lf0-x233.google.com (mail-lf0-x233.google.com [IPv6:2a00:1450:4010:c07::233]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 95F9B132632 for <curdle@ietf.org>; Mon, 7 Aug 2017 09:08:10 -0700 (PDT)
Received: by mail-lf0-x233.google.com with SMTP id o85so3881038lff.3 for <curdle@ietf.org>; Mon, 07 Aug 2017 09:08:10 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:sender:in-reply-to:references:from:date:message-id :subject:to:cc; bh=DDPEC9+MYtpck+O1EMXppKd2/E1olXCRnw4CTqJHbGg=; b=ALAdspRhg1ovWdeNI2D4vAz3Mn2Sc9EKQjRwOQ+QLXwdiVGlQMFMY7TbFB7mvLjJlI DoXzIQ+6v+/e17q4jwBskV7RFTW34fwxtDSV87kHXCff4ewH/WS+KkpdBLdaRootZfmt K5r0d3yi/KJSfQqQu7xLIMgSTSi+cXRnBy2wo95GM+DaFYgWl/8bJAKXFJNoiPIZlAed JpZIYUxktx28p7ID/T41TqsfPvG8YiFVLhHUym6A0vCtRec/NX74yGdfChKLs4ZhsjIp 8F26aJFAMy6eVLd2FO3YIaGF5xBOnk3AAjgdfKQQj0c9upd4ZkP60oR9GmDHRmjQIQWE aH7w==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:sender:in-reply-to:references:from :date:message-id:subject:to:cc; bh=DDPEC9+MYtpck+O1EMXppKd2/E1olXCRnw4CTqJHbGg=; b=ZTl9hMPSieGPBDV0J7q1e8XfIu6fNrG86I3YVemnz1dYS6NrlsM9II8zDpBwq34SUw 11bcv6V+moQk3xxZqMylWBiKN8kO7093VA1oH8poCzlbGchcAJFTR6XA/viuvhqrN8IZ cPF7i/qogzNSShPmI8Rm3dx3l6i0pq3Vw5qkpiWpPzb2tmWXkM494ZsImPe1fQX9RYE5 ZS3igK1zuvib5CIj5eXLMIjm3RDMZuz6YPGyEz8/Bqq/3N7q6KyoZmHBw6hZZwRm2hxR 2ewYzjiWZqPifo2EFnGNAXxietrsAEoUIBQC/7twfyG+5WCnDq76ozgAyrwSFy6yM+h4 jNkw==
X-Gm-Message-State: AHYfb5gpgtTE6pFza6sFGYcPyM/GaMit9u7On5YpdGT6to86g/WM/VN4 mYv4jpi9MeClXWT63C9dn6dVo6oBaQ==
X-Received: by 10.46.21.20 with SMTP id s20mr317558ljd.147.1502122088847; Mon, 07 Aug 2017 09:08:08 -0700 (PDT)
MIME-Version: 1.0
Sender: mglt.ietf@gmail.com
Received: by 10.46.80.68 with HTTP; Mon, 7 Aug 2017 09:08:08 -0700 (PDT)
In-Reply-To: <50122.1501430873@eng-mail01.juniper.net>
References: <150142547596.17769.2342902440380875523@ietfa.amsl.com> <50122.1501430873@eng-mail01.juniper.net>
From: Daniel Migault <daniel.migault@ericsson.com>
Date: Mon, 07 Aug 2017 12:08:08 -0400
X-Google-Sender-Auth: -vvFWdW42_0vZZXdtDK7cyHCC6c
Message-ID: <CADZyTkkgzArFzHtY-CM6q+oH-mrFj5G701GA1GaExp3otWWsoQ@mail.gmail.com>
To: "Mark D. Baushke" <mdb@juniper.net>
Cc: curdle <curdle@ietf.org>, Eric Rescorla <ekr@rtfm.com>
Content-Type: multipart/alternative; boundary="94eb2c1cc94683df9d05562c0dd1"
Archived-At: <https://mailarchive.ietf.org/arch/msg/curdle/8NZdbk0PLelWrpg5ygnNJmjBQp0>
Subject: Re: [Curdle] I-D Action: draft-ietf-curdle-ssh-kex-sha2-09.txt
X-BeenThere: curdle@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: "List for discussion of potential new security area wg." <curdle.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/curdle>, <mailto:curdle-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/curdle/>
List-Post: <mailto:curdle@ietf.org>
List-Help: <mailto:curdle-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/curdle>, <mailto:curdle-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 07 Aug 2017 16:08:13 -0000

Hi,

We have discussed this draft in session during the IETF99, and Mark updated
the draft accordingly. If you disagree with the update, please provide your
feed backs by Friday August 11.

Here is the summary of the draft:

         Key Exchange Method Name           Reference  Implement
         ---------------------------------- ---------- ----------
         curve25519-sha256                  ssh-curves SHOULD
         diffie-hellman-group-exchange-sha1 RFC4419
<https://tools.ietf.org/html/rfc4419>    SHOULD NOT
         diffie-hellman-group1-sha1         RFC4253
<https://tools.ietf.org/html/rfc4253>    SHOULD NOT
         diffie-hellman-group14-sha1        RFC4253
<https://tools.ietf.org/html/rfc4253>    SHOULD
         diffie-hellman-group14-sha256      new-modp   MUST
         diffie-hellman-group16-sha512      new-modp   SHOULD
         ecdh-sha2-nistp256                 RFC5656
<https://tools.ietf.org/html/rfc5656>    SHOULD
         ecdh-sha2-nistp384                 RFC5656
<https://tools.ietf.org/html/rfc5656>    SHOULD
         gss-gex-sha1-*                     RFC4462
<https://tools.ietf.org/html/rfc4462>    SHOULD NOT
         gss-group1-sha1-*                  RFC4462
<https://tools.ietf.org/html/rfc4462>    SHOULD NOT
         gss-group14-sha256-*               gss-keyex  SHOULD
         gss-group16-sha512-*               gss-keyex  SHOULD
         gss-nistp256-sha256-*              gss-keyex  SHOULD
         gss-nistp384-sha384-*              gss-keyex  SHOULD
         gss-curve25519-sha256-*            gss-keyex  SHOULD
         rsa1024-sha1                       RFC4432
<https://tools.ietf.org/html/rfc4432>    MUST NOT

Yours,

Rich and Daniel


On Sun, Jul 30, 2017 at 12:07 PM, Mark D. Baushke <mdb@juniper.net> wrote:

> Hi,
>
> > The IETF datatracker status page for this draft is:
> > https://datatracker.ietf.org/doc/draft-ietf-curdle-ssh-kex-sha2/
> >
> > There are also htmlized versions available at:
> > https://tools.ietf.org/html/draft-ietf-curdle-ssh-kex-sha2-09
> > https://datatracker.ietf.org/doc/html/draft-ietf-curdle-ssh-kex-sha2-09
> >
> > A diff from the previous version is available at:
> > https://www.ietf.org/rfcdiff?url2=draft-ietf-curdle-ssh-kex-sha2-09
>
> I have tried to incorporate the feedback provided at IETF 99 into this
> draft.
>
> Hearing no feedback on my suggested changes, I have published a new
> revision.
>
> Please let me know if there are any additional changes needed.
>
>         Thank you,
>         -- Mark
>
> _______________________________________________
> Curdle mailing list
> Curdle@ietf.org
> https://www.ietf.org/mailman/listinfo/curdle
>

v2.23.0 | Report a Bug | By Email