Re: [Curdle] comments on draft-ietf-curdle-ssh-kex-sha2-05

"Mark D. Baushke" <mdb@juniper.net> Mon, 27 March 2017 08:29 UTC

To: Daniel Migault <daniel.migault@ericsson.com>
CC: curdle <curdle@ietf.org>
In-Reply-To: <CADZyTkmyY-hTOn8HhYNjKU43DDVHKZn1aM2oQjeSvKJCNjmzzw@mail.gmail.com>
References: <CADZyTkmyY-hTOn8HhYNjKU43DDVHKZn1aM2oQjeSvKJCNjmzzw@mail.gmail.com>
Comments: In-reply-to: Daniel Migault <daniel.migault@ericsson.com> message dated "Sun, 26 Mar 2017 14:29:45 -0500."
From: "Mark D. Baushke" <mdb@juniper.net>
Date: Mon, 27 Mar 2017 01:28:54 -0700
Archived-At: <https://mailarchive.ietf.org/arch/msg/curdle/Sbyb2bxb_0NESJN2Hs92bAKPBNI>

Daniel Migault <daniel.migault@ericsson.com> writes:

> Hi,
> 
> Please find some comments of draft-ietf-curdle-ssh-kex-sha2-05.
> 
> Yours,
> Daniel
> 
> I have the impression that only RFC4253 provided some recommendations, in
> which case I would be inclined to say that the current draft only updates
> this document. The other RFC only defines new suites.

Good point. 

RFC 4353 itself suggests that additional key exchange method names will
be defined in RFC 4250, but no update to RFC 4250 has been issued.

I have changed to update="4353" and removed 4419, 4432, 4462, 5656 from
the list in my copy of the draft. I wonder if I need to add RFC4250 to
the update list instead of or in addition to 4353? Comments?

> I suggest we either use MUST/SHOULD/MAY or REQUIRE/RECOMMEND/OPTIONAL but
> not both. 

I favor MUST/SHOULD/MAY. If you notice any REQUIRE/RECOMMEND/OPTIONAL in
the updated draft, it should be corrected before it goes to final call.

> Note that in the recommendations for ipsec
> [draft-ietf-ipsecme-rfc4307bis] we also introduced some additional
> notation such as SHOULD+/- to specify whether the SHOULD is expected to
> raise its status or that SHOULD is only here for interoperability.

Sure, I can add a section for SHOULD+ and SHOULD- borrowing from that
draft.

> Note that recommendations are not the purpose of IANA, so I would
> probably change the title of the section.

Okay. "Guidance for Key Exchange Method Names" ?

> The IANA only adds the code points. It is good that you mentioned the
> IANA link. I would encourage you to have the URL as an informative
> reference.

Point taken. I have made the change.

> Recommendations should be regularly updated so implementations have the
> time to introduce new suites or remove old suites while still
> providing interoperability. If the starting point is RFC4253, then we
> have:
> 
>       diffie-hellman-group1-sha1 REQUIRED
>       diffie-hellman-group14-sha1 REQUIRED
> 
> and all other suites are OPTIONAL or MAY. Correct me if I am wrong. At
> least I believe that that appendix section would be useful to comment on
> the update with the previous recommendations.

You are not wrong, but RFC 4253 does point to 4250 (SSH-NUMBERS)
for the official Key Exchange Method Names list in section 4.10.

Hmmm... I suppose I need to revisit the Overview and Rationale section
and partition some of the choices into an appendix?

The diffie-hellman-group1-sha1 uses the RFC2409 Oakley Group 2 1024-bit
MODP group prime P, with generator G=2, Q=(p-1)/2. This RFC will
recommend MUST NOT for this key exchange method name.

The diffie-hellman-group14-sha1 will be moved to SHOULD- primarily
because the sha1 is a way to allow transitional implementation overlap.

>        curve25519-sha256                    ssh-curves MUST

I believe this to be a SHOULD+ algorithm.

> Maybe a MUST statement may be too strong as curves have just been defined.
> Maybe that could be SHOULD+ mentioning it is expected to become a MUST next
> time. In fact it is usually hard to move from MAY to MUST. If you do so,
> reasons should be provided in the text. Currently it seems it is
> implemented in libssh and OpenSSH, not sure it is sufficient for a MUST.
> 
>         curve448-sha512                      ssh-curves MAY
> By default, the suites with MAY status are not mentioned.

Okay, I will update the list.

>         diffie-hellman-group-exchange-sha1   RFC4419    SHOULD NOT
> SHA1 is probably at MUST NOT, so I am expecting any suites to be MUST NOT.
> Because it represents a threat you are likely to move to MUST NOT directly.

Reasonable.


>         diffie-hellman-group-exchange-sha256 RFC4419    MAY
>         diffie-hellman-group1-sha1           RFC4253    SHOULD NOT
> If group 1 is 768-bit MODP Group, I would consider there are two reasons
> to have this as MUST NOT.

The diffie-hellman-group1-sha1 is a 1024-bit MODP prime (the Oakley
Group 2). I agree MUST NOT is better.

>         diffie-hellman-group14-sha1          RFC4253    SHOULD
> My understanding is that this one is kept for interoperability. However,
> the text should make it clear this suite will be deprecated soon.

Agreed. It is now a SHOULD-

>         diffie-hellman-group14-sha256        new-modp   MUST
>         diffie-hellman-group15-sha512        new-modp   MAY
>         diffie-hellman-group16-sha512        new-modp   SHOULD
>         diffie-hellman-group17-sha512        new-modp   MAY
>         diffie-hellman-group18-sha512        new-modp   MAY
>         ecdh-sha2-nistp256                   RFC5656    SHOULD
>         ecdh-sha2-nistp384                   RFC5656    SHOULD
>         ecdh-sha2-nistp521                   RFC5656    SHOULD
> 
> The current trend is also to reduce the number of suites
> implementation. Do we want to have these three suites as SHOULD? We
> should also explain what the next step is expected to be.

Okay. I think this makes more sense:

>         ecdh-sha2-nistp256                   RFC5656    SHOULD-
>         ecdh-sha2-nistp384                   RFC5656    SHOULD+

The idea being that a number of standards want ECDH/ECDSA and the
CNSA-SUITE only approves of nistp384.

That said there do exist constant-time implementations of SHA2-256 and
at least a few non-constant time SHA2-384. A user "SHOULD" implement at
least one ECDH hashing algorithm, but it is not clear that there is much
choice yet. So, both may be needed.


>         ecdh-sha2-*                          RFC5656    MAY
>         ecmqv-sha2                           RFC5656    SHOULD NOT
>         gss-gex-sha1-*                       RFC4462    SHOULD NOT
>         gss-group1-sha1-*                    RFC4462    SHOULD NOT
>         gss-group14-sha1-*                   RFC4462    SHOULD
>         gss-group14-sha256-*                 new-modp   SHOULD
>         gss-group15-sha512-*                 new-modp   MAY
>         gss-group16-sha512-*                 new-modp   SHOULD
>         gss-group17-sha512-*                 new-modp   MAY
>         gss-group18-sha512-*                 new-modp   MAY
>         gss-*                                RFC4462    MAY
> 
>         rsa1024-sha1                         RFC4432    SHOULD NOT
> Maybe we could set it as MUST NOT both for key size and SHA1.

Agreed.

>         rsa2048-sha256                       RFC4432    MAY

	-- Mark
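
An added example, not part of the original message or of the draft: a parser for the kex_algorithms name-list of an SSH_MSG_KEXINIT payload (RFC 4253) that labels each offered method with the status discussed in this thread. The STATUS table holds only the working values stated above, and the sample payload is constructed.

```python
import struct

SSH_MSG_KEXINIT = 20  # RFC 4253 message number

# Working statuses taken from this message, not from a published RFC.
STATUS = {
    "diffie-hellman-group1-sha1": "MUST NOT",
    "rsa1024-sha1": "MUST NOT",
    "diffie-hellman-group14-sha1": "SHOULD-",
    "ecdh-sha2-nistp256": "SHOULD-",
    "ecdh-sha2-nistp384": "SHOULD+",
    "curve25519-sha256": "SHOULD+",
    "diffie-hellman-group14-sha256": "MUST",
}

def read_name_list(buf, off):
    """Decode one SSH name-list: uint32 length, then comma-separated ASCII names."""
    if off + 4 > len(buf):
        raise ValueError("truncated name-list length")
    (n,) = struct.unpack_from(">I", buf, off)
    off += 4
    if off + n > len(buf):
        raise ValueError("name-list runs past end of payload")
    raw = buf[off:off + n].decode("ascii")
    return (raw.split(",") if raw else []), off + n

def kex_names(payload):
    """kex_algorithms is the first name-list, after the type byte and 16-byte cookie."""
    if len(payload) < 17 or payload[0] != SSH_MSG_KEXINIT:
        raise ValueError("not an SSH_MSG_KEXINIT payload")
    return read_name_list(payload, 17)[0]

def audit(payload):
    """Pair each offered method, in preference order, with its status."""
    return [(n, STATUS.get(n, "unlisted")) for n in kex_names(payload)]

def sample_kexinit():
    """Constructed payload: four KEX names, nine empty name-lists, flag, reserved."""
    kex = ("curve25519-sha256,diffie-hellman-group14-sha256,"
           "diffie-hellman-group14-sha1,diffie-hellman-group1-sha1")
    body = bytes([SSH_MSG_KEXINIT]) + bytes(16)
    for names in [kex] + [""] * 9:
        body += struct.pack(">I", len(names)) + names.encode("ascii")
    return body + b"\x00" + struct.pack(">I", 0)

if __name__ == "__main__":
    for name, status in audit(sample_kexinit()):
        print(f"{status:9} {name}")
```

The function expects the KEXINIT payload only, without the binary packet framing (packet length, padding length, padding, MAC).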