[Curdle] Time to Review IANA SSH Registries Policies?

Sean Turner <sean@sn3rd.com> Wed, 03 February 2021 19:51 UTC

Return-Path: <sean@sn3rd.com>
X-Original-To: curdle@ietfa.amsl.com
Delivered-To: curdle@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id EAAF73A10E5 for <curdle@ietfa.amsl.com>; Wed, 3 Feb 2021 11:51:31 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.098
X-Spam-Level:
X-Spam-Status: No, score=-2.098 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_DNSWL_BLOCKED=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=sn3rd.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id OQL2ff1bGrIv for <curdle@ietfa.amsl.com>; Wed, 3 Feb 2021 11:51:30 -0800 (PST)
Received: from mail-qk1-x733.google.com (mail-qk1-x733.google.com [IPv6:2607:f8b0:4864:20::733]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 86CA53A10E4 for <curdle@ietf.org>; Wed, 3 Feb 2021 11:51:30 -0800 (PST)
Received: by mail-qk1-x733.google.com with SMTP id t63so1010050qkc.1 for <curdle@ietf.org>; Wed, 03 Feb 2021 11:51:30 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=sn3rd.com; s=google; h=from:content-transfer-encoding:mime-version:subject:message-id:date :to; bh=j4chwrKCPJnikwjF4h2nyhuxNStPO4iqyWhCSZlUzqs=; b=jTYvRhx/kpULDUBrQ7SKk17Bz3QEWaauCa2CxXfcyhdvJcX4uwarAJ6h/rFuOvwPHg iRArWVjxXvw8EKYcmLNq0SgL4HzOyrpweoV/JDkMUmFgEry+hWZFr+E/JT5qH7CLvrdD 1TCIF+A6jLAXBQBtpQ2/z1TxTsnR8OvF4qgoU=
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:content-transfer-encoding:mime-version :subject:message-id:date:to; bh=j4chwrKCPJnikwjF4h2nyhuxNStPO4iqyWhCSZlUzqs=; b=P22PisCjkevv+KvlKwOuGfvzcdbAw75XdDZLgSnY2TrOnM6EWFTnE8tfyUMiqOUTok ilMfVxS7CcNfqZDCooVtRA0bwOwT+GgYY1BLV5PEmfEG8G3sykZKSKknLNmPMECqrzoD BnOiNFI28Av1YTUppw+gozdQmYNttyATDsmTB6PUh/0awEuoJfhWqYfn19dV0FlB1l3Z BdLF9JUxnacB8196ACbBYWysNRDvbQYyPp7h2AYUAmmQvyB75QSGjV0acnHPulLTm4mR 5k6I/6jgxorzPb09AEDw+NrIFmDnSyUqhL41JDv2/YgSgekoWbL69zDKfmHQYk6s4Maz CoAg==
X-Gm-Message-State: AOAM532CM+Galdk2pzNlwiZz2oJ5Er4tgkIKzlQ9fO9ZDJxvcm7I+v7F Lac+b0BEcyXF/xGYCQxXrRN5DPpIbx+e7GCH
X-Google-Smtp-Source: ABdhPJyUNsrnXFypSLUifHFbyQLy/LCcUXve2nWyOI1DX1oXv42bpuj/U0PI/hzN2JU2h6KZXGI01w==
X-Received: by 2002:a37:484f:: with SMTP id v76mr4086537qka.312.1612381889284; Wed, 03 Feb 2021 11:51:29 -0800 (PST)
Received: from [192.168.1.152] (pool-108-31-39-252.washdc.fios.verizon.net. [108.31.39.252]) by smtp.gmail.com with ESMTPSA id t128sm2615166qka.46.2021.02.03.11.51.28 for <curdle@ietf.org> (version=TLS1_2 cipher=ECDHE-ECDSA-AES128-GCM-SHA256 bits=128/128); Wed, 03 Feb 2021 11:51:28 -0800 (PST)
From: Sean Turner <sean@sn3rd.com>
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: quoted-printable
Mime-Version: 1.0 (Mac OS X Mail 13.4 \(3608.120.23.2.4\))
Message-Id: <A77E7858-C4ED-4DA0-8015-5E67EB921144@sn3rd.com>
Date: Wed, 3 Feb 2021 14:51:28 -0500
To: Curdle List <curdle@ietf.org>
X-Mailer: Apple Mail (2.3608.120.23.2.4)
Archived-At: <https://mailarchive.ietf.org/arch/msg/curdle/gdiOlZr9bnrZv8umVyguGG3woIM>
Subject: [Curdle] Time to Review IANA SSH Registries Policies?
X-BeenThere: curdle@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "List for discussion of potential new security area wg." <curdle.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/curdle>, <mailto:curdle-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/curdle/>
List-Post: <mailto:curdle@ietf.org>
List-Help: <mailto:curdle-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/curdle>, <mailto:curdle-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 03 Feb 2021 19:51:32 -0000

Hi! The IANA registries for SSH were established long ago when the fashion was to require an RFC to set any value (see https://datatracker.ietf.org/doc/rfc8126/ for definitions of the various registry rules). IPsec, TLS, and others initially did the same thing, but have since backed down the high bar and gone to expert review for many if not all of their registries. Is there interest in reviewing the SSH registries to see if it makes sense to move them to expert review (or some other level)?

This would likely result in setting up a pool of experts and providing them with some instructions, but that’s been done before for other registries.

spt