WG Review: Secure Shell Maintenance (sshm)

The IESG <iesg-secretary@ietf.org> Thu, 05 September 2024 22:08 UTC

Return-Path: <iesg-secretary@ietf.org>
X-Original-To: ietf-announce@ietf.org
Delivered-To: ietf-announce@ietfa.amsl.com
Received: from [10.244.2.118] (unknown [104.131.183.230]) by ietfa.amsl.com (Postfix) with ESMTP id BB2D5C180B6F; Thu, 5 Sep 2024 15:08:56 -0700 (PDT)
MIME-Version: 1.0
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: 7bit
From: The IESG <iesg-secretary@ietf.org>
To: IETF-Announce <ietf-announce@ietf.org>
Subject: WG Review: Secure Shell Maintenance (sshm)
X-Test-IDTracker: no
X-IETF-IDTracker: 12.23.0
Auto-Submitted: auto-generated
Precedence: bulk
MIME-Version: 1.0
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: 7bit
Message-ID: <172557413642.1952499.1292406943377868401@dt-datatracker-68b7b78cf9-q8rsp>
Date: Thu, 05 Sep 2024 15:08:56 -0700
Message-ID-Hash: DSBO5N5FPA255FWQJ4IA6XXCWJULXJLV
X-Message-ID-Hash: DSBO5N5FPA255FWQJ4IA6XXCWJULXJLV
X-MailFrom: iesg-secretary@ietf.org
X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved; emergency; loop; banned-address; member-moderation; header-match-ietf-announce.ietf.org-0; nonmember-moderation; administrivia; implicit-dest; max-recipients; max-size; news-moderation; no-subject; digests; suspicious-header
CC: ssh@ietf.org
X-Mailman-Version: 3.3.9rc4
Reply-To: iesg@ietf.org
List-Id: "IETF announcement list. No discussions." <ietf-announce.ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/ietf-announce/XXXdwy9jrEjnLznqv8Oj_iMqMvw>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ietf-announce>
List-Help: <mailto:ietf-announce-request@ietf.org?subject=help>
List-Owner: <mailto:ietf-announce-owner@ietf.org>
List-Post: <mailto:ietf-announce@ietf.org>
List-Subscribe: <mailto:ietf-announce-join@ietf.org>
List-Unsubscribe: <mailto:ietf-announce-leave@ietf.org>

A new IETF WG has been proposed in the Security Area. The IESG has not made
any determination yet. The following draft charter was submitted, and is
provided for informational purposes only. Please send your comments to the
IESG mailing list (iesg@ietf.org) by 2024-09-15.

Secure Shell Maintenance (sshm)
-----------------------------------------------------------------------
Current status: Proposed WG

Chairs:
  Job Snijders <job@fastly.com>
  Stephen Farrell <stephen.farrell@cs.tcd.ie>

Assigned Area Director:
  Deb Cooley <debcooley1@gmail.com>

Security Area Directors:
  Paul Wouters <paul.wouters@aiven.io>
  Deb Cooley <debcooley1@gmail.com>

Mailing list:
  Address: ssh@ietf.org
  To subscribe: https://mailman3.ietf.org/mailman3/lists/ssh.ietf.org/
  Archive: https://mailarchive.ietf.org/arch/browse/ssh/

Group page: https://datatracker.ietf.org/group/sshm/

Charter: https://datatracker.ietf.org/doc/charter-ietf-sshm/

The main goal of the working group is to maintain the Secure Shell (SSH)
protocol. SSH provides support for secure remote login, file transfer, and
forwarding UNIX-domain sockets, TCP/IP and X11. It can automatically encrypt,
authenticate, and compress transmitted data.

The SSHM working group facilitates discussion of clarifications,
improvements, and extensions to the SSH protocol. The working group also
serves as a focus point for other IETF working groups who use SSH in their
own protocols.

The initial goals of this working group are:

   * to update the RFCs documenting SSH to reflect what is implemented and
   deployed in practice. In particular, the working group will document the
   OpenSSH certificate structure, the SSH agent protocol, and SFTP, as they
   are commonly implemented.

   * to update and maintain the list of cryptographic algorithms used by SSH.
   This includes documenting currently deployed algorithms, deprecating
   unsafe algorithms, selecting new algorithms, and determining the set of
   recommended and mandatory-to-implement algorithms. Updating IANA SSH
   registries and changing their registration policies is in scope.

   * while the development of formal verification proofs is out of scope,
   this working group can respond to emerging proofs, and to security issues
   found by formal verification tools. This can be done for example by
   defining new extensions to improve the security of SSH.

This working group will strive for strong security, simplicity, and ease of
implementation. In particular, proposals will only be adopted if there is
evidence of significant existing deployment or broad interest in new
implementation and deployment. Protocol documents should not be submitted to
the IESG for publication before they have at least two demonstrably
interoperable implementations.

Out of scope includes:

   * defining new certificate types or trust mechanisms;
   * new transports for SSH;
   * designing cryptographic algorithms (but defining how SSH uses
   cryptographic algorithms is in scope).

Milestones:

  Dec 2024 - Issue call for adoption for chacha20-poly1305 draft

  Jan 2025 - Issue calls for drafts documenting existing and widely used SSH
  protocol features

  Mar 2025 - Issue call for adoption for SSH Agent Protocol draft

  Jul 2025 - Issue call for adoption for rfc9519bis draft