[Curdle] [Technical Errata Reported] RFC9142 (7799)
RFC Errata System <rfc-editor@rfc-editor.org> Wed, 07 February 2024 15:13 UTC
Return-Path: <wwwrun@rfcpa.amsl.com>
X-Original-To: curdle@ietfa.amsl.com
Delivered-To: curdle@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 5C270C151534 for <curdle@ietfa.amsl.com>; Wed, 7 Feb 2024 07:13:11 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.359
X-Spam-Level:
X-Spam-Status: No, score=-2.359 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, HEADER_FROM_DIFFERENT_DOMAINS=0.249, RCVD_IN_DNSWL_LOW=-0.7, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 5VtEIPgYRh0R for <curdle@ietfa.amsl.com>; Wed, 7 Feb 2024 07:13:07 -0800 (PST)
Received: from rfcpa.amsl.com (rfcpa.amsl.com [50.223.129.200]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 869F4C14CE4D for <curdle@ietf.org>; Wed, 7 Feb 2024 07:13:07 -0800 (PST)
Received: by rfcpa.amsl.com (Postfix, from userid 499) id 56DF718F0F68; Wed, 7 Feb 2024 07:13:07 -0800 (PST)
To: mbaushke.ietf@gmail.com, rdd@cert.org, paul.wouters@aiven.io, daniel.migault@ericsson.com, rsalz@akamai.com
From: RFC Errata System <rfc-editor@rfc-editor.org>
Cc: ben.s3@ncsc.gov.uk, curdle@ietf.org, rfc-editor@rfc-editor.org
Content-Type: text/plain; charset="UTF-8"
Message-Id: <20240207151307.56DF718F0F68@rfcpa.amsl.com>
Date: Wed, 07 Feb 2024 07:13:07 -0800
Archived-At: <https://mailarchive.ietf.org/arch/msg/curdle/Y9ogZPcUV_DIyxdEhCxlLt6uY8c>
Subject: [Curdle] [Technical Errata Reported] RFC9142 (7799)
X-BeenThere: curdle@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: "List for discussion of potential new security area wg." <curdle.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/curdle>, <mailto:curdle-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/curdle/>
List-Post: <mailto:curdle@ietf.org>
List-Help: <mailto:curdle-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/curdle>, <mailto:curdle-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 07 Feb 2024 15:13:11 -0000
The following errata report has been submitted for RFC9142, "Key Exchange (KEX) Method Updates and Recommendations for Secure Shell (SSH)". -------------------------------------- You may review the report below and at: https://www.rfc-editor.org/errata/eid7799 -------------------------------------- Type: Technical Reported by: Ben S <ben.s3@ncsc.gov.uk> Section: 1.2.1 Original Text ------------- +============+=============================+ | Curve Name | Estimated Security Strength | +============+=============================+ | nistp256 | 128 bits | +------------+-----------------------------+ | nistp384 | 192 bits | +------------+-----------------------------+ | nistp521 | 512 bits | +------------+-----------------------------+ | curve25519 | 128 bits | +------------+-----------------------------+ | curve448 | 224 bits | +------------+-----------------------------+ Corrected Text -------------- +============+=============================+ | Curve Name | Estimated Security Strength | +============+=============================+ | nistp256 | 128 bits | +------------+-----------------------------+ | nistp384 | 192 bits | +------------+-----------------------------+ | nistp521 | 256 bits | +------------+-----------------------------+ | curve25519 | 128 bits | +------------+-----------------------------+ | curve448 | 224 bits | +------------+-----------------------------+ Notes ----- P-521 has approximately 256 bits of security (rather than 512), as per Table 1 of Section 6.1.1 of FIPS 186-5, and Section 9 Paragraph 5 of RFC 5656. Instructions: ------------- This erratum is currently posted as "Reported". (If it is spam, it will be removed shortly by the RFC Production Center.) Please use "Reply All" to discuss whether it should be verified or rejected. When a decision is reached, the verifying party will log in to change the status and edit the report, if necessary. -------------------------------------- RFC9142 (draft-ietf-curdle-ssh-kex-sha2-20) -------------------------------------- Title : Key Exchange (KEX) Method Updates and Recommendations for Secure Shell (SSH) Publication Date : January 2022 Author(s) : M. Baushke Category : PROPOSED STANDARD Source : CURves, Deprecating and a Little more Encryption Area : Security Stream : IETF Verifying Party : IESG
- [Curdle] [Technical Errata Reported] RFC9142 (779… RFC Errata System
- Re: [Curdle] [Technical Errata Reported] RFC9142 … Russ Housley
- Re: [Curdle] [Technical Errata Reported] RFC9142 … mbaushke ietf
- Re: [Curdle] [Technical Errata Reported] RFC9142 … Paul Wouters
- Re: [Curdle] [Technical Errata Reported] RFC9142 … Deb Cooley
- Re: [Curdle] [Technical Errata Reported] RFC9142 … Paul Wouters