[Curdle] comments on draft-ietf-curdle-ssh-kex-sha2-09

Daniel Migault <daniel.migault@ericsson.com> Tue, 19 December 2017 21:11 UTC

Archived-At: <https://mailarchive.ietf.org/arch/msg/curdle/f34VdBIO-w1VVVkk1_m6kJSBMIc>


Please find the shepherd write-up [1] for draft-ietf-curdle-ssh-kex-sha2
[2] as well as my comments regarding the current version below:

Unless someone raises any concerns, the draft will be sent to the IESG as soon
as the current version is updated.



[2] https://tools.ietf.org/html/draft-ietf-curdle-ssh-kex-sha2-09

section 1

maybe the sentence below should be removed.

   [TO BE REMOVED: Please send comments on this draft to

reference I-D.ietf-curdle-ssh-modp-dh-sha2 is now rfc8268, so references
should be updated and moved from informational to normative.

section 3.1

Curve25519 and SHA-256 may point to references such as RFC8031 RFC6234.

It might also be good to have a reference to the code point
curve25519-sha256 with draft-ietf-curdle-ssh-curves.

section 3.2

Curve448 and curve448-256 may also point to references RFC8031 and

section 3.3

I think the sentence below repeats itself and should be changed:
It is recommended that these key exchange groups NOT
be used. This key exchange SHOULD NOT be used.

section 3.5

diffie-hellman-group1-sha1 should be referenced by RFC4253

section 3.6 - 3.11

The code points should refer to rfc8268.

section 3.7

It is surprising DH is defined so deep in the document ;-)

section 3.12 - 3.14

The code points should refer to rfc5656

section 3.15 - 3.17

The code points should refer to rfc4462

section 3.18 - 3.27

The code points should refer to draft-ietf-curdle-gss-keyex-sha2

section 3.28 - 3.29

The code points should mention rfc 4432

In section 3.29 I think that more text should be added to justify the MAY.
rsa2048-sha256 matches all reasons rsa1024-sha1's status is MUST NOT.

section 4

"Of course, use of SHA384" may be "Of course, the use of SHA384"
I might be wrong as well.

section 5

new-modp should be replaced by rfc8268

section 8

rsa1024-sha1 is the only code point to be updated by
IANA in that case, it may be easier to mention it rather than
referring to the table.

The nits provide the following output.

idnits 2.15.00


  Checking boilerplate required by RFC 5378 and the IETF Trust (see

     No issues found here.

  Checking nits according to https://www.ietf.org/id-info/1id-guidelines.txt:

     No issues found here.

  Checking nits according to https://www.ietf.org/id-info/checklist :

     No issues found here.

  Miscellaneous warnings:

     (Using the creation date from RFC4250, updated by this document, for
     RFC5378 checks: 2005-03-16)

  -- The document seems to lack a disclaimer for pre-RFC5378 work, but may
     have content which was first submitted before 10 November 2008.  If you
     have contacted all the original authors and they are all willing to grant
     the BCP78 rights to the IETF Trust, then this is fine, and you can ignore
     this comment.  If not, you may need to add the pre-RFC5378 disclaimer.
     (See the Legal Provisions document at
     https://trustee.ietf.org/license-info for more information.)

  -- The document date (July 30, 2017) is 142 days in the past.  Is this

  Checking references for intended status: Proposed Standard

     (See RFCs 3967 and 4897 for information about using normative references
     to lower-maturity documents in RFCs)

  == Outdated reference: A later version (-03) exists of

  == Outdated reference: A later version (-06) exists of

  == Outdated reference: draft-ietf-curdle-ssh-dh-group-exchange has been
     published as RFC 8270

  == Outdated reference: draft-ietf-curdle-ssh-modp-dh-sha2 has been
     published as RFC 8268

     Summary: 0 errors (**), 0 flaws (~~), 4 warnings (==), 2 comments (--).

     Run idnits with the --verbose option for more detailed information about
     the items above.