[IPP] Fwd: [Secdispatch] Fwd: New Version Notification for draft-michel-ssh3-00.txt

Ira McDonald via ipp <ipp@pwg.org> Wed, 28 February 2024 14:28 UTC


Hi,

Interesting new direction for SSH (widely used for system admin of
printers), which hasn't had an active IETF WG for 20 years now -
updating it and moving it to run over HTTP/3 and take advantage of
QUIC prior art.

Cheers,
- Ira


---------- Forwarded message ---------
From: François Michel <francois.michel=40uclouvain.be@dmarc.ietf.org>
Date: Wed, Feb 28, 2024 at 7:49 AM
Subject: [Secdispatch] Fwd: New Version Notification for draft-michel-ssh3-00.txt
To: <alldispatch@ietf.org>
Cc: Olivier Bonaventure <olivier.bonaventure@uclouvain.be>, <secdispatch@ietf.org>


Hi all,

We're happy to announce that we recently submitted a first design draft
for running SSH/Secure Shells over HTTP, with a focus on HTTP/3. We
would love being able to discuss this document during the ALLDISPATCH
session (I will attend remotely).

We have an open-source working prototype in Go here:
https://github.com/francoismichel/ssh3

Coming from our recent research article, the solution is named SSH3.
We'd be happy to discuss the name/renaming in the future, but we would
first like to discuss the protocol, its architecture and use-cases
before any long naming discussions take place. :-) Its final name will
depend on the path taken by the solution anyway, i.e. whether it will
become a concrete candidate for a new version, an alternate layer for
RFC4252 and RFC4253 or integrated as part of ongoing IETF work (e.g. as
stated in the draft, we can observe synergies with MASQUE).

Among other benefits of this evolution of SSH, we can list UDP port
forwarding (or other protocols such as IP), focusing the specification
on the Connection protocol, reduced connection establishment, better
integration with existing web authentication infrastructures, URL
multiplexing and others. I recommend you look at the draft for a more
detailed (but still concise) list of the interesting aspects.

The idea is getting quite some public traction (the repo is quite
popular) but we're still in an embryonic state of the proposal. We would
love to have feedback from IETF folks and work together on the future of
the protocol and its architecture. The document is introductory and
there is room for people to participate.
For instance, the short section 7 only introduces the topic of making
this proposal coexist with existing SSHv2 deployments. Defining
mechanisms inspired by how QUIC and HTTP/3 coexist with TCP and HTTP/2
would be really interesting!

I know some people already look at providing other implementations of
the proposal. If it is your case let us know and we can work together
and reach interop. :-)
In case you look at refactoring your existing SSH implementation for
other reasons, it might be easy to also make it compatible with this
proposal since most of the Connection protocol is reused. Existing
QUIC/HTTP libs can be used for the remaining parts.

Don't hesitate to let us know your thoughts, feedback and use-cases!

Regards,

François





-------- Forwarded Message --------
Subject: New Version Notification for draft-michel-ssh3-00.txt
Date: Wed, 28 Feb 2024 03:27:39 -0800
From: internet-drafts@ietf.org
To: François Michel <francois.michel@uclouvain.be>, Francois Michel
<francois.michel@uclouvain.be>, Olivier Bonaventure
<Olivier.Bonaventure@uclouvain.be>, Olivier Bonaventure
<olivier.bonaventure@uclouvain.be>

A new version of Internet-Draft draft-michel-ssh3-00.txt has been
successfully submitted by François Michel and posted to the
IETF repository.

Name:     draft-michel-ssh3
Revision: 00
Title:    Secure shell over HTTP/3 connections
Date:     2024-02-28
Group:    Individual Submission
Pages:    18
URL:      https://www.ietf.org/archive/id/draft-michel-ssh3-00.txt
Status:   https://datatracker.ietf.org/doc/draft-michel-ssh3/
HTML:     https://www.ietf.org/archive/id/draft-michel-ssh3-00.html
HTMLized: https://datatracker.ietf.org/doc/html/draft-michel-ssh3


Abstract:

    The secure shell (SSH) traditionally offers its secure services over
    an insecure network using the TCP transport protocol.  This document
    defines mechanisms to run the SSH protocol over HTTP/3 using Extended
    CONNECT.  Running SSH over HTTP/3 enables additional benefits such as
    the scalability offered by HTTP multiplexing, relying on TLS for
    secure channel establishment leveraging X.509 certificates, HTTP
    Authentication schemes for client and server authentication, UDP port
    forwarding and stronger resilience against packet injection attacks
    and middlebox interference.



The IETF Secretariat

