[secdir] secdir review of draft-igoe-secsh-suiteb-02

"Dan Harkins" <dharkins@lounge.org> Thu, 13 January 2011 22:48 UTC

Return-Path: <dharkins@lounge.org>
X-Original-To: secdir@core3.amsl.com
Delivered-To: secdir@core3.amsl.com
Received: from localhost (localhost []) by core3.amsl.com (Postfix) with ESMTP id C6A783A6C0D; Thu, 13 Jan 2011 14:48:31 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -5.335
X-Spam-Status: No, score=-5.335 tagged_above=-999 required=5 tests=[AWL=-0.930, BAYES_20=-0.74, IP_NOT_FRIENDLY=0.334, RCVD_IN_DNSWL_MED=-4]
Received: from mail.ietf.org ([]) by localhost (core3.amsl.com []) (amavisd-new, port 10024) with ESMTP id Tedud4D1Nu2t; Thu, 13 Jan 2011 14:48:31 -0800 (PST)
Received: from colo.trepanning.net (colo.trepanning.net []) by core3.amsl.com (Postfix) with ESMTP id F07E03A6BED; Thu, 13 Jan 2011 14:48:30 -0800 (PST)
Received: from www.trepanning.net (localhost []) by colo.trepanning.net (Postfix) with ESMTP id 8DCC21022404C; Thu, 13 Jan 2011 14:50:54 -0800 (PST)
Received: from (SquirrelMail authenticated user dharkins@lounge.org) by www.trepanning.net with HTTP; Thu, 13 Jan 2011 14:50:54 -0800 (PST)
Message-ID: <cce49a057d2fce5430e91821cd065e32.squirrel@www.trepanning.net>
Date: Thu, 13 Jan 2011 14:50:54 -0800 (PST)
From: "Dan Harkins" <dharkins@lounge.org>
To: iesg@ietf.org, secdir@ietf.org, draft-igoe-secsh-suiteb.all@tools.ietf.org
User-Agent: SquirrelMail/1.4.14 [SVN]
MIME-Version: 1.0
Content-Type: text/plain;charset=iso-8859-1
Content-Transfer-Encoding: 8bit
X-Priority: 3 (Normal)
Importance: Normal
Subject: [secdir] secdir review of draft-igoe-secsh-suiteb-02
X-BeenThere: secdir@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: Security Area Directorate <secdir.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/secdir>, <mailto:secdir-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/secdir>
List-Post: <mailto:secdir@ietf.org>
List-Help: <mailto:secdir-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/secdir>, <mailto:secdir-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 13 Jan 2011 22:48:31 -0000


  I have reviewed this document as part of the security directorate's
ongoing effort to review all IETF documents being processed by the
IESG.  These comments were written primarily for the benefit of the
security area directors.  Document editors and WG chairs should treat
these comments just like any other last call comments.

  This draft documents how a Suite B-compliant SSH client can be built
using various other documents that describe how to do ECC-DH, ECDSA, and
AES-GCM in SSH. It establishes 2 minimum levels of security, one at
128-bits and another at 192-bits, and specifies how to use the ECC-DH,
ECDSA, and AES-GCM components to achieve those two levels.

  I found no issues with the draft itself and my only complaint is that
the Security Considerations seem a little insufficient for the task of
describing how to put Suite B in SSH. They are, in their entirety:

          The security considerations of [SSH-Arch] apply.

where [SSH-ARCH] is RFC 4251. The Security Considerations in RFC 4251
are very nice and it is proper to refer to them but, at the very least,
it would be nice to provide some text around the following questions:

  1. how much entropy is each side required to put into the ECC-DH
     exchange to achieve the appropriate minimum level of security?

  2. in the introduction the draft mentions that following the
     requirements in the draft does not imply that an implementation is
     suitable for protection of classified data. What other guidance can
     the author recommend to leap that bar? Are there any other documents
     that specify the other requirements an implementation would have to
     comply with?