IETF Logo Mail Archive

Re: [saag] SSH & Ntruprime

Loganaden Velvindron <loganaden@gmail.com> Thu, 28 March 2024 18:40 UTC

Return-Path: <loganaden@gmail.com>
X-Original-To: saag@ietfa.amsl.com
Delivered-To: saag@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id D7DAEC14F5FD for <saag@ietfa.amsl.com>; Thu, 28 Mar 2024 11:40:20 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.094
X-Spam-Level:
X-Spam-Status: No, score=-2.094 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, FREEMAIL_FROM=0.001, RCVD_IN_DNSWL_BLOCKED=0.001, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id C82yF2FKHCg9 for <saag@ietfa.amsl.com>; Thu, 28 Mar 2024 11:40:17 -0700 (PDT)
Received: from mail-lj1-x236.google.com (mail-lj1-x236.google.com [IPv6:2a00:1450:4864:20::236]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 50EC5C14F70E for <saag@ietf.org>; Thu, 28 Mar 2024 11:40:17 -0700 (PDT)
Received: by mail-lj1-x236.google.com with SMTP id 38308e7fff4ca-2d109e82bd0so16467661fa.3 for <saag@ietf.org>; Thu, 28 Mar 2024 11:40:17 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1711651215; x=1712256015; darn=ietf.org; h=cc:to:subject:message-id:date:from:in-reply-to:references :mime-version:from:to:cc:subject:date:message-id:reply-to; bh=CLaCKn09NSe85cKyPibm2GxWbQuEXkq5hrbpRuVint8=; b=k2LjSeVpcewpTpI5tRgly07VtWfARTFPHKBMDdJnVU9q0ADNOnDt8W6A6MVlIXnt3L NJtM3AbF5r7wGTCUEI4rI45WstyYlPtOYAy/pmxnBFziBy9p9UQ9wOtzrcGlLw49CwkF jig8HMZA3CsBfqkfF3DmlKxN0Om88BFmss3OBgURdbO6oWe1xyLhKmVMi32EeenlLyco Jk8Xl0RlwFlMu/7pTe5R8jHaM0q8mK0pvgDOAouRgvHFaQ92ZfFeQnoFJMviewJJMtiu ElI3IttiphyhIDxeHElUXey0It2QX6FDDPDjaMTWQYu39hv7Y0pNo9PkXMBfGaqowxxW P69A==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1711651215; x=1712256015; h=cc:to:subject:message-id:date:from:in-reply-to:references :mime-version:x-gm-message-state:from:to:cc:subject:date:message-id :reply-to; bh=CLaCKn09NSe85cKyPibm2GxWbQuEXkq5hrbpRuVint8=; b=SyKFtwHuObYNCUD5zYEopSp589WLPhee0LiNsh5QwBdUyJMeuS+3dBdT72tfHHW37J DLHu3Sr6vhW1XGC4KW3jClf+bhG7I6vTo108BsQGo3Nws9rTTBusKZpLB+HpuVZHru6J ErqLwNDZ//5xVyXcfy3yjZYTh2gHg7kuTDQkiZtu5jcknLRdSOuweQ1JiqWE2Qt+Bgkx HwYeQeZ/bjBdr5ztjpNU5n6vJ5W9rpret3eQYJ91hFrqYqbgZwXmr/a2hOlPTyauoYL3 mZ+K0cv2mFXfFHLNaEunXBgQelp1o5DnwuMwtIh1kfVr/7Sl37L78uOP1eFtF+rQqb8L OzLA==
X-Gm-Message-State: AOJu0Yx65r1G76g7A0geqJrBkF+n5O1f5mARp3KoRRiEEzcX7I9WLeRP hT8FpRUinnZEtixjXQi2nObuVmcajWo5pM0F0r7WCc4WYfvq8CScX8D0Q+kCOWLotY61fW5tB2i 4ZWxt4tcrIVtVStSXBQx9v+xnJdH2du2EYhw=
X-Google-Smtp-Source: AGHT+IHKTMNTepLucQPIPfMsYZDj8Ja0Igs/zKTVydeVZL9pJvebhDORl7226tquUEIsB6sLq1hIYJ8OPzDFoebigQs=
X-Received: by 2002:a2e:9914:0:b0:2d4:6aba:f1a9 with SMTP id v20-20020a2e9914000000b002d46abaf1a9mr12871lji.40.1711651214734; Thu, 28 Mar 2024 11:40:14 -0700 (PDT)
MIME-Version: 1.0
References: <CABcZeBPWjXvLh06-DBO3Z0sfeb2hgzqzaSZ-J2-TZ7qesrSraA@mail.gmail.com> <D0CD341B-523B-48A0-8954-EE7F89113241@aiven.io> <AF7B6F32-9EE6-4810-A99A-833DEA917FA9@sonic.net> <CABcZeBPfXQckpZageogUxTYgX2j_Nr_O3bvf-a-x0S_82BHMxg@mail.gmail.com> <079A0AA3-FA02-440F-ABA0-6AF897570E86@sonic.net> <CABcZeBOxfYR+=61DV1XN0F9nrmbzLR2zq_ZvADw4UUy1uFafzw@mail.gmail.com> <8caa2d4d-bc80-4fcf-b8bc-839052371730@lear.ch> <CABcZeBMABJ89T0qY0-9C3xxd=mFfGyCh7_9GKbEUBm6JtR+_ng@mail.gmail.com> <87sf0dupjn.fsf@kaka.sjd.se> <CAN8C-_JTwA1fP=d0c_AXOdYsAX6fDfnFb0U05aO8y8tg8R3bVw@mail.gmail.com> <484345.1711508956@dyas>
In-Reply-To: <484345.1711508956@dyas>
From: Loganaden Velvindron <loganaden@gmail.com>
Date: Thu, 28 Mar 2024 22:40:02 +0400
Message-ID: <CAOp4FwSFZTJ574chhfBHPDH8un6kayRMyZBSt2pcxBcgPY0Rtw@mail.gmail.com>
To: Michael Richardson <mcr+ietf@sandelman.ca>
Cc: saag <saag@ietf.org>
Content-Type: text/plain; charset="UTF-8"
Archived-At: <https://mailarchive.ietf.org/arch/msg/saag/J4lfkO_fYbx16rkOKfHvoYtQgV8>
Subject: Re: [saag] SSH & Ntruprime
X-BeenThere: saag@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: Security Area Advisory Group <saag.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/saag>, <mailto:saag-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/saag/>
List-Post: <mailto:saag@ietf.org>
List-Help: <mailto:saag-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/saag>, <mailto:saag-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 28 Mar 2024 18:40:20 -0000

On Wed, 27 Mar 2024 at 07:09, Michael Richardson <mcr+ietf@sandelman.ca> wrote:
>
>
> Orie Steele <orie@transmute.industries> wrote:
>     > 1. Publish SSH related specifications as RFCs
>     > 2. Support the review process from RFC9519 (We're working to resolve the
>     > issue with the list, thanks for reporting it)
>
>     > I don't think using IDs to document SSH algorithms and then never
>     > publishing those drafts helps either community.
>
> It's a lot of effort and money to publish a document for an algorithm that
> some say isn't as secure as claimed, and perhaps shouldn't be widely implemented.
>
Hi Michael,

I asked about the security of ntru prime back in December 2022:

https://mailarchive.ietf.org/arch/msg/cfrg/AX9WGbiNpNmRpe9KJ1DEc7vi6ss/

Are you aware of weaknesses in ntruprime now ?
Can you please share if such is the case ?





> a) anyone can register foobar@example.com in the SecSH ecosystem, and openssh
>    has done exactly that, and really, it's done.
>
> b) if someone wants "foobar", I'm fine with *any stable web page* (including
>    ietf.org/archive/foobar).  That's what **Specifications Required** means, and
>    please let's not raise the bar here.
>    If necessary, we can loop it through archive.org, which is what the RPC
>    is doing for other references in RFCs.
>
> c) If you are bothered by the IANA Considerations, then write a document to
>    change them.
>
> {yeah, I worked for SSH.com 25 years ago, but never on SSH}
>
> --
> Michael Richardson <mcr+IETF@sandelman.ca>, Sandelman Software Works
>  -= IPv6 IoT consulting =-                      *I*LIKE*TRAINS*
>
>
>
> _______________________________________________
> saag mailing list
> saag@ietf.org
> https://www.ietf.org/mailman/listinfo/saag

v2.23.0 | Report a Bug | By Email