[Curdle] Protocol Action: 'Key Exchange (KEX) Method Updates and Recommendations for Secure Shell (SSH)' to Proposed Standard (draft-ietf-curdle-ssh-kex-sha2-20.txt)
The IESG <iesg-secretary@ietf.org> Fri, 10 September 2021 16:05 UTC
Archived-At: <https://mailarchive.ietf.org/arch/msg/curdle/kcdrIgWu1pyHuTB-J1rhR2N9LbE>
The IESG has approved the following document:
- 'Key Exchange (KEX) Method Updates and Recommendations for Secure Shell (SSH)' (draft-ietf-curdle-ssh-kex-sha2-20.txt) as Proposed Standard

This document is the product of the CURves, Deprecating and a Little more Encryption Working Group.

The IESG contact persons are Benjamin Kaduk and Roman Danyliw.

A URL of this Internet Draft is:
https://datatracker.ietf.org/doc/draft-ietf-curdle-ssh-kex-sha2/

Technical Summary

This document is intended to update the recommended set of key exchange methods for use in the Secure Shell (SSH) protocol to meet evolving needs for stronger security. This document updates RFCs 4250, 4253, 4432, and 4462.

Working Group Summary

The proposed recommendations have been discussed on the mailing list and in sessions during the IETF in Seoul. Additional changes were made based on subsequent discussion, including AD and directorate reviews, but all the changes were amply discussed in the WG.

Document Quality

The document provides recommendations, as such implementations are mostly related to the new methods defined in curdle. New key exchange methods will use the SHA-2 family of hashes and are drawn from these ssh-curves from [I-D.ietf-curdle-ssh-curves] and new-modp from the [RFC82682] and gss-keyex [I-D.ietf-curdle-gss-keyex-sha2]. All of the key-exchange mechanisms described have multiple implementations.

Personnel

The document shepherd is Daniel Migault. The responsible AD is Benjamin Kaduk.

RFC Editor Note

Please remove the duplicated phrase """with the suggested implementation guidance provided in section 4 "Summary Guidance for Key Exchange Method Names Implementation" in this document.""" from the IANA considerations.

Please also replace "4000" with the more conventional "4096" in Section 3.2.1.