[Curdle] Introducing draft-ssorce-gss-keyex-sha2
Simo Sorce <simo@redhat.com> Tue, 13 December 2016 21:16 UTC
Archived-At: <https://mailarchive.ietf.org/arch/msg/curdle/H6ZZGEbeo7bsmDa3vnMtQQdbDEc>
Hello Curdle list,

For quite a while I and Hubert (co-author) have been thinking of updating the GSSAPI Key Exchange algorithms for SSH, which are still using SHA-1 hashes, so I just uploaded a first revision here [1].

As it happens, by the time we got to write a proposal and looked at the references section, we found out that Mark Baushke had started expanding a related draft [2] to cover gss- methods. However, Mark's draft just allocated new names to extend only the existing FFDH methods.

Our intent was not only to allocate names, but to describe the new FFDH's according to previous drafts as well as introduce new ECDH based methods to keep this key exchange in line with the standard public key based key exchange.

We discussed this with Mark and he proposed we go ahead and propose a separate draft, so with Chair's permission we'd like to ask for adoption of this draft to complement the work started by Mark in [2].

We already plan to add more text in some of the vague parts that reference ECDH keys verification; we would also like to discuss a possible additional extension to the GSS exchange method that would use Gss_Wrap()/Unwrap() instead of GSS_get/verify_mic().

Any comment and feedback is welcome.

Simo.

[1] https://www.ietf.org/id/draft-ssorce-gss-keyex-sha2-00.txt
[2] https://www.ietf.org/id/draft-ietf-curdle-ssh-kex-sha2-05.txt

--
Simo Sorce * Red Hat, Inc * New York