Re: [Curdle] WG status and rsa-sha2 as public key algorithm
denis bider <denisbider.ietf@gmail.com> Fri, 05 May 2017 10:15 UTC
Return-Path: <denisbider.ietf@gmail.com>
X-Original-To: curdle@ietfa.amsl.com
Delivered-To: curdle@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 8358F129494 for <curdle@ietfa.amsl.com>; Fri, 5 May 2017 03:15:39 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.999
X-Spam-Level:
X-Spam-Status: No, score=-1.999 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id yl0ygwOY2DMU for <curdle@ietfa.amsl.com>; Fri, 5 May 2017 03:15:37 -0700 (PDT)
Received: from mail-yb0-x22c.google.com (mail-yb0-x22c.google.com [IPv6:2607:f8b0:4002:c09::22c]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 0F25B129501 for <curdle@ietf.org>; Fri, 5 May 2017 03:15:37 -0700 (PDT)
Received: by mail-yb0-x22c.google.com with SMTP id p143so149057yba.2 for <curdle@ietf.org>; Fri, 05 May 2017 03:15:37 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:in-reply-to:references:from:date:message-id:subject:to; bh=bMEP6I29IbkF/th9c179MmRnf1nUEG2d/6mhRr4y8aM=; b=rrRik44DL9lqkRawB1dhMfgnSaoz3bqYhedGRcZ6TjMVUuCz0gbGdCciMUX82ci3jx mtIm+gVZf7lCONFdwUrimHSpEcRndvnW9TPu8vcdRtIXp8Fi/E3UuRn6lYIFMMRXJLW5 dn+m4J1ei/E/LB7Ohl+rqWow166HIlQasupgu/krU0/w9k+hWORBbSrdCe+2uhVFz6If BwwHRyDgavnDSvatXpO6GKL2LfQciIjtNI79/PNNbale5n2M4p8RqhNQgfQOho8mtot4 LWkTWWZjPDAofaSUcHMwlukHPdQZdQOSnu4zrGO/uDNbBII29C3/X2lFqbAjdkJrJz/u n03g==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:in-reply-to:references:from:date :message-id:subject:to; bh=bMEP6I29IbkF/th9c179MmRnf1nUEG2d/6mhRr4y8aM=; b=rYjRNQ/SX2TO2dIByJX9h9gyLrdVSM04ysMF985nzBTZi2hsVlJz7VgsPoM5Rxukup qs3Y+wjeFlShyaho4NsgdrcVSiyO0W0UdaY9qIfcHmVdKv8HzKZr5kGJcPJBHak4+gpf C6tTTr6KRjFdejqrPsEBvjduUsBgrF/RhOM1v4vWZKfM0gBPBPNWx/kZGQsoNfOwqOZT 4R3UpTz8S989x7t5qoj6c79KwEgT/iijSVTWFCJir8ZzAdq1TYcsivXmocgsxHElw8lk N9Y3zPi5II+tlgKw9VYsXnBrt+74BMBQpPn9v5tLk4NYrzhn1bkpQfW78QB4Mw7tCBcm sm/A==
X-Gm-Message-State: AN3rC/4C29EGvzSCYeqx1qxTF6Zhf5jGcdUEisuKEx2Ij/pM1/ixm2Y9 6PqhlcogQ9r4CQKubqdQD3WHv488mw==
X-Received: by 10.37.64.20 with SMTP id n20mr39460585yba.39.1493979336147; Fri, 05 May 2017 03:15:36 -0700 (PDT)
MIME-Version: 1.0
Received: by 10.37.21.65 with HTTP; Fri, 5 May 2017 03:15:35 -0700 (PDT)
In-Reply-To: <CADPMZDAgByY+ULK-OvxdyNrNF123Q0cZN-xjn2e4oFXT+WprJw@mail.gmail.com>
References: <CADZyTkkd-JpsE89z=P10Y0esc1NCZydD5NqMTs8E5xUz-DMT_g@mail.gmail.com> <58F475B5.4090504@roumenpetrov.info> <CADPMZDBjgpzMKp1UJqWMC_xRZpfce=wOOsE51HwY2dEO73kKeA@mail.gmail.com> <CADPMZDBS3yFxWmioNRV+Vx-ThTPW636ydr1fz76vNP52DjAtZA@mail.gmail.com> <1778170c976e43569d34f051bba51f4c@ustx2ex-dag1mb1.msg.corp.akamai.com> <CADZyTknNkAWHUeqk-BQqYU_6jTGVgPurhqF7=Am7Xk7OT=D-gQ@mail.gmail.com> <CADZyTk=3pZb40upVHPuG8hYEWOCpu2hhdyBpiZ9t5+v2_AYzAQ@mail.gmail.com> <590A2FA0.3070601@roumenpetrov.info> <CADZyTknVERTsAWeU-Gk92_25JvK9otQ_9PLY=m19XM-eVH-efQ@mail.gmail.com> <590ABDAD.6000900@roumenpetrov.info> <CADPMZDB0+SdzYvMEaREHDK1C9dm+TcfehVatVtF8MMah92813A@mail.gmail.com> <590B7E60.8000204@roumenpetrov.info> <CADPMZDCY2gduQ5vGG9DhbnjdhHFOZw0H-xFDs8fu07Pj+nqVPQ@mail.gmail.com> <CADPMZDAgByY+ULK-OvxdyNrNF123Q0cZN-xjn2e4oFXT+WprJw@mail.gmail.com>
From: denis bider <denisbider.ietf@gmail.com>
Date: Fri, 05 May 2017 04:15:35 -0600
Message-ID: <CADPMZDCLiFPJtL0rERT9EA3uvJtL5GifO9pAsU0Me5JiTYzFdA@mail.gmail.com>
To: curdle <curdle@ietf.org>
Content-Type: multipart/alternative; boundary="001a11c029b2a232b2054ec42b1c"
Archived-At: <https://mailarchive.ietf.org/arch/msg/curdle/LcdacY8DtYwuCqOoJ5Gjawcyo48>
Subject: Re: [Curdle] WG status and rsa-sha2 as public key algorithm
X-BeenThere: curdle@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: "List for discussion of potential new security area wg." <curdle.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/curdle>, <mailto:curdle-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/curdle/>
List-Post: <mailto:curdle@ietf.org>
List-Help: <mailto:curdle-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/curdle>, <mailto:curdle-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 05 May 2017 10:15:39 -0000
Talking to Roumen off-list to gain a better understanding of his implementation, and why it has trouble dealing with "server-sig-algs" sent by OpenSSH versions before 7.5. Our implementation does not have trouble. His implementation might though, perhaps due to different combinations of supported algorithms, and/or a different design approach. Trying to understand this better. Will post when I do. On Fri, May 5, 2017 at 12:18 AM, denis bider <denisbider.ietf@gmail.com> wrote: > Although my below response was self-explanatory, it is not sufficient. It > requires elaboration: > > - The extension being specified is already deployed in a variety of > implementations, not only OpenSSH. (See [1] at bottom) > > - Since the draft thus far remains compatible with existing > implementations, changing the name of the extension would break > compatibility. > > - Breaking compatibility with existing implementations requires a > substantive reason. I am currently not aware of a substantive reason to do > this. > > - A problem in particular versions of a particular implementation is not a > substantive reason. Idiosyncrasies of specific implementations are handled > by others recognizing the SSH version string, not diverging the protocol. > > - It is not clear to me that the problem you reference in OpenSSH versions > prior to 7.5 is a problem that needs to be addressed at this level. > > - In a previous message, Damien Miller, who is representative of OpenSSH > in this forum, has expressed a preference to keep the same extension name. > > To be clear, the extension name is not one I'm overly happy with. In fact, > I had changed the name of the extension from "server-sig-algs" to something > more appropriate in an early version of the draft. However, by that time, > another implementation already picked up "server-sig-algs". > > For this reason, I changed the spec back to "server-sig-algs". Although > the name is not ideal, it is now in use; and the name being ideal is > strictly less important than there being one identifier; and one identifier > only; for the same concept, if reasonably possible. > > I stand by this decision, and think it's incorrect to modify the name at > this time, unless the mechanics of the extension are changed in some way > that's fundamental. > > [1] According to this excellent, but at this time slightly outdated > comparison: > > http://ssh-comparison.quendi.de/comparison/hostkey.html > > ... implementations of rsa-sha2-*** public key algorithms include > AsyncSSH, SmartFTP, and OpenSSH. Bitvise SSH Server and Client also support > them, but this is not listed in the chart. This leads me to believe there > may be other implementations also. I know that at least three of these > implementations also implement the "server-sig-algs" extension under its > current name. > > > On Thu, May 4, 2017 at 11:12 PM, denis bider <denisbider.ietf@gmail.com> > wrote: > >> > 10x for new versions. >> >> You don't even have the decency to spell that. >> >> >> > The name of extension "server-sig-algs" must be changed as well. >> >> No fucking way. Fuck off. >> >> >> >> On Thu, May 4, 2017 at 1:17 PM, Румен Петров <pkixssh@roumenpetrov.info> >> wrote: >> >>> Hi denis, >>> >>> denis bider wrote: >>> >>>> Hello everyone, >>>> >>>> in the interest of consensus, I have adopted the requested terminology >>>> changes in the two drafts. What was previously "signature algorithm" is >>>> now >>>> "public key algorithm", and what was previously "public key algorithm" >>>> is >>>> now "public key format". >>>> >>>> Please review and let me know. >>>> >>> 10x for new versions. >>> >>> Main context of *draft-ietf-curdle-rsa-sha2-07.txt* is fine with me. >>> I still think that chapter 4 IANA Considerations could be simplified to >>> list only public key algorithm but this is not so important. >>> The chapter refer to RFC4250 but section 7.1 Normative References lack >>> reference to it. May be is good to list RFC4250 as well. >>> No other remarks. >>> >>> >>> >>> About draft-ietf-curdle-ssh-ext-info-06.txt: >>> The name of extension "server-sig-algs" must be changed as well. >>> First because extension contain abbreviation of signature in name >>> (description is fine), >>> second because existing implementation does not follow rules from >>> RFC4250, section 4.6.1. "Conventions for Names" and >>> third(!) due to broken OpenSSH implementation: " ...where SHA2 RSA >>> signature methods were not being correctly advertised..." fixed in 7.5. >>> >>> >>> [SNIP] >>> >>> Regards, >>> Roumen Petrov >>> >>> >>> _______________________________________________ >>> Curdle mailing list >>> Curdle@ietf.org >>> https://www.ietf.org/mailman/listinfo/curdle >>> >> >> >
- [Curdle] WG status Daniel Migault
- Re: [Curdle] WG status Румен Петров
- Re: [Curdle] WG status Румен Петров
- Re: [Curdle] WG status denis bider
- Re: [Curdle] WG status denis bider
- Re: [Curdle] WG status Румен Петров
- Re: [Curdle] WG status Salz, Rich
- Re: [Curdle] WG status Daniel Migault
- Re: [Curdle] WG status Daniel Migault
- Re: [Curdle] WG status Jim Schaad
- Re: [Curdle] WG status Damien Miller
- Re: [Curdle] WG status and extension negotiation Румен Петров
- Re: [Curdle] WG status and rsa-sha2 as public key… Румен Петров
- Re: [Curdle] WG status and rsa-sha2 as public key… Daniel Migault
- Re: [Curdle] WG status and rsa-sha2 as public key… Румен Петров
- Re: [Curdle] WG status and rsa-sha2 as public key… denis bider
- Re: [Curdle] WG status and rsa-sha2 as public key… Daniel Migault
- Re: [Curdle] WG status and rsa-sha2 as public key… Mark D. Baushke
- Re: [Curdle] WG status and rsa-sha2 as public key… Румен Петров
- Re: [Curdle] WG status and rsa-sha2 as public key… denis bider
- Re: [Curdle] WG status and rsa-sha2 as public key… denis bider
- Re: [Curdle] WG status and rsa-sha2 as public key… denis bider
- Re: [Curdle] WG status and rsa-sha2 as public key… denis bider
- Re: [Curdle] WG status and rsa-sha2 as public key… Daniel Migault