Re: [Curdle] Warren Kumari's No Objection on draft-ietf-curdle-ssh-curves-10: (with COMMENT)

Warren Kumari <warren@kumari.net> Tue, 03 September 2019 17:59 UTC

From: Warren Kumari <warren@kumari.net>
Date: Tue, 03 Sep 2019 13:58:44 -0400
Message-ID: <CAHw9_iLnE3oj=D52brS-KU0Z4TvOiLDPF2gtgBJDJhkqvZgSbQ@mail.gmail.com>
To: "Mark D. Baushke" <mdb@juniper.net>
Cc: Aris Adamantiadis <aris@badcode.be>, The IESG <iesg@ietf.org>, draft-ietf-curdle-ssh-curves@ietf.org, Daniel Migault <daniel.migault@ericsson.com>, curdle-chairs@ietf.org, curdle@ietf.org
Content-Type: text/plain; charset="UTF-8"
Archived-At: <https://mailarchive.ietf.org/arch/msg/curdle/QUeWfTpv0aIXxkfF5R7vl4043x0>
Subject: Re: [Curdle] Warren Kumari's No Objection on draft-ietf-curdle-ssh-curves-10: (with COMMENT)

On Tue, Sep 3, 2019 at 1:28 PM Mark D. Baushke <mdb@juniper.net> wrote:
>
> Hi Aris & Warren & Ron,
>
> With a two of three majority, I will remove the "Copying Conditions"
> section.
>
> Regarding the key agreement abort. Here is the revised text...
>
>         ...elided...
>                     Alternative implementations of these functions
>         SHOULD abort when either input forces the shared secret to one
>         of a small set of values, as described in Section 7 of
>         [RFC7748].  Clients and servers MUST fail the key exchange if
>         the length of the received public keys are not the expected
>         lengths. An abort for these purposes is defined as a
>         disconnect (SSH_MSG_DISCONNECT) of the session and SHOULD use
>         the SSH_DISCONNECT_KEY_EXCHANGE_FAILED reason for the message
>         <xref target="IANA-REASON"/>.
>         ...elided...
>
> Where IANA-REASON is an information reference to the URL
>
>     http://www.iana.org/assignments/ssh-parameters/ssh-parameters.xhtml#ssh-parameters-3
>
> (which extended the RFC4250 and RFC4253 number space to include private
> values).
>
> Should I upload the latest revision now or wait for more comments?

Whatever you'd like / personal preference.

I personally take the "post early and often" strategy, but other
people prefer batching a bunch of edits.

W

>
>         -- Mark



-- 
I don't think the execution is relevant when it was obviously a bad
idea in the first place.
This is like putting rabid weasels in your pants, and later expressing
regret at having chosen those particular rabid weasels and that pair
of pants.
   ---maf
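
The abort behaviour in the revised draft text quoted above, as an added example that is not part of this thread or of any SSH implementation: it rejects a peer public key of the wrong length, rejects an all-zero X25519 shared secret, and builds the SSH_MSG_DISCONNECT payload with the SSH_DISCONNECT_KEY_EXCHANGE_FAILED reason. The names `KexAbort`, `shared_secret` and `disconnect_payload` are hypothetical; the message number, reason code and payload layout are those of RFC 4253, and the ladder follows RFC 7748.

```python
import hmac
import struct

P, A24, X25519_LEN = 2**255 - 19, 121665, 32
SSH_MSG_DISCONNECT = 1                   # message number, RFC 4253
SSH_DISCONNECT_KEY_EXCHANGE_FAILED = 3   # reason code, RFC 4253

def ssh_string(data):
    return struct.pack(">I", len(data)) + data

def disconnect_payload(description):
    # byte type, uint32 reason code, string description, string language tag
    head = struct.pack(">BI", SSH_MSG_DISCONNECT, SSH_DISCONNECT_KEY_EXCHANGE_FAILED)
    return head + ssh_string(description.encode("utf-8")) + ssh_string(b"")

class KexAbort(Exception):
    """Hypothetical exception carrying the disconnect payload to send."""
    def __init__(self, why):
        super().__init__(why)
        self.payload = disconnect_payload(why)

def x25519(scalar, u_bytes):
    # RFC 7748 Montgomery ladder; plain-int illustration, not constant time.
    k = bytearray(scalar)
    k[0] &= 248; k[31] &= 127; k[31] |= 64
    k = int.from_bytes(k, "little")
    x1 = int.from_bytes(u_bytes, "little") & ((1 << 255) - 1)
    x2, z2, x3, z3, swap = 1, 0, x1, 1, 0
    for t in reversed(range(255)):
        bit = (k >> t) & 1
        if swap ^ bit:
            x2, x3, z2, z3 = x3, x2, z3, z2
        swap = bit
        a, b, c, d = (x2 + z2) % P, (x2 - z2) % P, (x3 + z3) % P, (x3 - z3) % P
        aa, bb, da, cb = a * a % P, b * b % P, d * a % P, c * b % P
        e = (aa - bb) % P
        x3, z3 = (da + cb) ** 2 % P, x1 * (da - cb) ** 2 % P
        x2, z2 = aa * bb % P, e * (aa + A24 * e) % P
    if swap:
        x2, x3, z2, z3 = x3, x2, z3, z2
    return (x2 * pow(z2, P - 2, P) % P).to_bytes(32, "little")

def shared_secret(my_private, peer_public):
    if len(peer_public) != X25519_LEN:            # MUST fail the key exchange
        raise KexAbort("unexpected public key length")
    secret = x25519(my_private, peer_public)
    if hmac.compare_digest(secret, bytes(X25519_LEN)):   # input forced a fixed value
        raise KexAbort("all-zero shared secret")
    return secret
```

A caller catches `KexAbort`, sends `payload` as the packet body, and closes the session.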