Re: [Curdle] WG status and rsa-sha2 as public key algorithm

denis bider <denisbider.ietf@gmail.com> Fri, 05 May 2017 05:12 UTC

Return-Path: <denisbider.ietf@gmail.com>
X-Original-To: curdle@ietfa.amsl.com
Delivered-To: curdle@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 5FC001293E1 for <curdle@ietfa.amsl.com>; Thu, 4 May 2017 22:12:57 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.699
X-Spam-Level:
X-Spam-Status: No, score=-2.699 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_LOW=-0.7, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id t4f8IYuDtbJI for <curdle@ietfa.amsl.com>; Thu, 4 May 2017 22:12:54 -0700 (PDT)
Received: from mail-yw0-x234.google.com (mail-yw0-x234.google.com [IPv6:2607:f8b0:4002:c05::234]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id E94B71293F9 for <curdle@ietf.org>; Thu, 4 May 2017 22:12:53 -0700 (PDT)
Received: by mail-yw0-x234.google.com with SMTP id l135so16225118ywb.2 for <curdle@ietf.org>; Thu, 04 May 2017 22:12:53 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:in-reply-to:references:from:date:message-id:subject:to :cc; bh=DHr7fmcgk0KWpisd9pWfdW2/659dDXxyiyaZaB79Yks=; b=m/QNoPJKhfmP0tdVsGSvRfuUK5hE96bY3udOp2wlqDSQyskmDarJQzMkBvC43Sz/aA KW/jFKrAJ1OmadkrbCHPfbM2dvzJDHK6cWR211TA1f2QiarxIjUDpXAmJ4+vF2N283aL taTXbF+R5Odv0SkgStTYDdCGlL9VW+hFduFxiNFvIeLwIKVEK/dSuo86wr3hwrGqh5nJ 7Mo1R9kQyyNJ29B0j2istXhEC2tPzAhIubAHFCAf4wN6d2R1D//1fadzmRBUaGCGQuCV J75vPNVZg4+WWFY4DlaV+2/6zsx7TU0h3/1nObxZQ+eZhmECj6AxYwvFAic9jNIXmu+A oAFw==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:in-reply-to:references:from:date :message-id:subject:to:cc; bh=DHr7fmcgk0KWpisd9pWfdW2/659dDXxyiyaZaB79Yks=; b=qmQQ1cKlnFrBZTGrtNt31Hwtlqhy8ck0w2UxxwWtcPnqe+zsdWR2r0Eqv+AlartIyL 49n5skHn9VX9CrUhBOI1v/OBGMnoLmc8Hwcu+sBgqkU54EAjWspW0xQbbiFEiukeNndf FOIiufXEu2gjyLmmHNxPApevuuGVTkkU59ndLJX0bXpz1rYQ+rpEZPyfRflj0D6BC7r+ qTn6jTJsomUmFROGEXaHF8esI9WnIY5S8IKo4RuUnZVEqvCTROABzST3s0gM9pdTHEjC wgLrU3JzLo8VT3dAz+f+FiJ1kRSJYSHV3QKrK9rIY5EDOwA/08psOsemU6ysrAL8Ykp1 4yYg==
X-Gm-Message-State: AN3rC/7jwVfluDpH5DK7wVeX/uVkFKsvT1yI1om7RaZq1pqfvS92+0Zz htZPHqbSwqxjVlotoilPJ0tGZ0qx4kL7
X-Received: by 10.129.172.65 with SMTP id z1mr13584866ywj.237.1493961173151; Thu, 04 May 2017 22:12:53 -0700 (PDT)
MIME-Version: 1.0
Received: by 10.37.21.65 with HTTP; Thu, 4 May 2017 22:12:52 -0700 (PDT)
In-Reply-To: <590B7E60.8000204@roumenpetrov.info>
References: <CADZyTkkd-JpsE89z=P10Y0esc1NCZydD5NqMTs8E5xUz-DMT_g@mail.gmail.com> <58F475B5.4090504@roumenpetrov.info> <CADPMZDBjgpzMKp1UJqWMC_xRZpfce=wOOsE51HwY2dEO73kKeA@mail.gmail.com> <CADPMZDBS3yFxWmioNRV+Vx-ThTPW636ydr1fz76vNP52DjAtZA@mail.gmail.com> <1778170c976e43569d34f051bba51f4c@ustx2ex-dag1mb1.msg.corp.akamai.com> <CADZyTknNkAWHUeqk-BQqYU_6jTGVgPurhqF7=Am7Xk7OT=D-gQ@mail.gmail.com> <CADZyTk=3pZb40upVHPuG8hYEWOCpu2hhdyBpiZ9t5+v2_AYzAQ@mail.gmail.com> <590A2FA0.3070601@roumenpetrov.info> <CADZyTknVERTsAWeU-Gk92_25JvK9otQ_9PLY=m19XM-eVH-efQ@mail.gmail.com> <590ABDAD.6000900@roumenpetrov.info> <CADPMZDB0+SdzYvMEaREHDK1C9dm+TcfehVatVtF8MMah92813A@mail.gmail.com> <590B7E60.8000204@roumenpetrov.info>
From: denis bider <denisbider.ietf@gmail.com>
Date: Thu, 4 May 2017 23:12:52 -0600
Message-ID: <CADPMZDCY2gduQ5vGG9DhbnjdhHFOZw0H-xFDs8fu07Pj+nqVPQ@mail.gmail.com>
To: =?UTF-8?B?0KDRg9C80LXQvSDQn9C10YLRgNC+0LI=?= <pkixssh@roumenpetrov.info>
Cc: curdle <curdle@ietf.org>
Content-Type: multipart/alternative; boundary=f403045ea26e08b989054ebff112
Archived-At: <https://mailarchive.ietf.org/arch/msg/curdle/OQL4cbwxZWStMUg_TDxRXeBgHRk>
Subject: Re: [Curdle] WG status and rsa-sha2 as public key algorithm
X-BeenThere: curdle@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: "List for discussion of potential new security area wg." <curdle.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/curdle>, <mailto:curdle-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/curdle/>
List-Post: <mailto:curdle@ietf.org>
List-Help: <mailto:curdle-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/curdle>, <mailto:curdle-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 05 May 2017 05:12:57 -0000

> 10x for new versions.

You don't even have the decency to spell that.


> The name of extension "server-sig-algs" must be changed as well.

No fucking way. Fuck off.



On Thu, May 4, 2017 at 1:17 PM, Румен Петров <pkixssh@roumenpetrov.info>
wrote:

> Hi denis,
>
> denis bider wrote:
>
>> Hello everyone,
>>
>> in the interest of consensus, I have adopted the requested terminology
>> changes in the two drafts. What was previously "signature algorithm" is
>> now
>> "public key algorithm", and what was previously "public key algorithm" is
>> now "public key format".
>>
>> Please review and let me know.
>>
> 10x for new versions.
>
> Main context of *draft-ietf-curdle-rsa-sha2-07.txt* is fine with me.
> I still think that chapter 4 IANA Considerations could be simplified to
> list only public key algorithm but this is not so important.
> The chapter refer to RFC4250 but section 7.1 Normative References lack
> reference to it. May be is good to list RFC4250 as well.
> No other remarks.
>
>
>
> About draft-ietf-curdle-ssh-ext-info-06.txt:
> The name of extension "server-sig-algs" must be changed as well.
> First because extension contain  abbreviation of signature in name
> (description is fine),
> second because existing implementation does not follow rules from RFC4250,
> section 4.6.1. "Conventions for Names" and
> third(!) due to broken OpenSSH implementation: " ...where SHA2 RSA
> signature methods were not being correctly advertised..." fixed in 7.5.
>
>
> [SNIP]
>
> Regards,
> Roumen Petrov
>
>
> _______________________________________________
> Curdle mailing list
> Curdle@ietf.org
> https://www.ietf.org/mailman/listinfo/curdle
>