Re: [Curdle] Call for Adoption
Watson Ladd <watsonbladd@gmail.com> Wed, 13 January 2016 18:33 UTC
Return-Path: <bounces-ietf-ssh-owner-secsh-tyoxbijeg7-archive=lists.ietf.org@NetBSD.org>
X-Original-To: ietfarch-secsh-tyoxbijeg7-archive@ietfa.amsl.com
Delivered-To: ietfarch-secsh-tyoxbijeg7-archive@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id B9A791B3034 for <ietfarch-secsh-tyoxbijeg7-archive@ietfa.amsl.com>; Wed, 13 Jan 2016 10:33:37 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2
X-Spam-Level:
X-Spam-Status: No, score=-2 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, RP_MATCHES_RCVD=-0.001] autolearn=unavailable
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id qHDQFHZghP4y for <ietfarch-secsh-tyoxbijeg7-archive@ietfa.amsl.com>; Wed, 13 Jan 2016 10:33:36 -0800 (PST)
Received: from mail.netbsd.org (mail.NetBSD.org [199.233.217.200]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 750EE1ACE1D for <secsh-tyoxbijeg7-archive@lists.ietf.org>; Wed, 13 Jan 2016 10:33:36 -0800 (PST)
Received: by mail.netbsd.org (Postfix, from userid 605) id 063DB85F10; Wed, 13 Jan 2016 18:33:36 +0000 (UTC)
Delivered-To: ietf-ssh@netbsd.org
Received: by mail.netbsd.org (Postfix, from userid 1347) id A53F585EC3; Wed, 13 Jan 2016 18:33:35 +0000 (UTC)
Received: from localhost (localhost [127.0.0.1]) by mail.netbsd.org (Postfix) with ESMTP id 8A4AD85EEB for <ietf-ssh@netbsd.org>; Wed, 13 Jan 2016 16:40:31 +0000 (UTC)
X-Virus-Scanned: amavisd-new at netbsd.org
Authentication-Results: mail.netbsd.org (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.netbsd.org ([127.0.0.1]) by localhost (mail.netbsd.org [127.0.0.1]) (amavisd-new, port 10025) with ESMTP id 5flRX6HXVlCs for <ietf-ssh@netbsd.org>; Wed, 13 Jan 2016 16:40:30 +0000 (UTC)
Received: from mail-yk0-x230.google.com (mail-yk0-x230.google.com [IPv6:2607:f8b0:4002:c07::230]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by mail.netbsd.org (Postfix) with ESMTPS id AAD2685E54 for <ietf-ssh@netbsd.org>; Wed, 13 Jan 2016 16:40:30 +0000 (UTC)
Received: by mail-yk0-x230.google.com with SMTP id v14so401182366ykd.3 for <ietf-ssh@netbsd.org>; Wed, 13 Jan 2016 08:40:30 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :cc:content-type:content-transfer-encoding; bh=BqjaTsdscSXBeFYdCIyjowG5NDkZ6nx4lY3FUOg2ReU=; b=toOqFmnJBTrury4ouxjjpwryd0zpwywqjZgybgdUWJlwPsDHWgeL7+NBPEnHbZtB8B 5J1cz3Ee2WGw/gtmWVELj7/itCsUdvPKQ4hbh2ketnPvV7XUUQX/w3Aj6IBhBO0zhkK1 5A/Y3fyjXosXT1dINYBeZ+EJtTU+Q/FcONmI3ZIBXcSep382Gbi+Mw48YIK5aBZs/Nb3 HLgca840mKT5P9PTae1tt1GP+GecP/X8vHJl40ZkuYpa+7gRZ7SPYjHdvG1RhWlAVwhc Ls6xwWROHeUHDxrm2H2N61TjcaLMACKfm3bqhtWSysaQNfKwC1C4q+PX9mPkWacG6ZMn hXdg==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=x-gm-message-state:mime-version:in-reply-to:references:date :message-id:subject:from:to:cc:content-type :content-transfer-encoding; bh=BqjaTsdscSXBeFYdCIyjowG5NDkZ6nx4lY3FUOg2ReU=; b=IGQNNrmmRmszz/nWICKjXbnWWUecS8aEaWMqGdcBg7z5xUO3VU/Z73eZNEIOmZMt1J s3EWDd/Pb3JERl6LEWl05kSoaYdhtuMlQER/KElBfB9ZgP7tL4rFwwgeCu2xqg66n7cK JZ5nrHrMrGNRa9I6VgdRgrmx4Us2iXlhrpo7zOXkxx9QFE4WFy4wQS+KE2OWAsfJJlxw WU2VOvOlrnZiu+hy+1UCvQ0rH/r1nuGqtwETY9jAkcRtgUDV/M7jTYFVA4qKB6YITGf2 4vsGwqdfbpbp4GOqVpfBX6r9QSfIXVJ3plhBtg0OQhhGr45cDwIE+cvQgBe1rGbgdhse /7CQ==
X-Gm-Message-State: ALoCoQmW3fYY/y6vDNxpbYYvsTaZPvJLRav19HVMxDgs0w1EjQNCzrJ1fGR2uFz77d4Um5yp3bYKO2OXKKLsPGSb8uqopO704g==
MIME-Version: 1.0
X-Received: by 10.129.72.84 with SMTP id v81mr101294721ywa.101.1452703229672; Wed, 13 Jan 2016 08:40:29 -0800 (PST)
Received: by 10.13.216.150 with HTTP; Wed, 13 Jan 2016 08:40:29 -0800 (PST)
In-Reply-To: <2DD56D786E600F45AC6BDE7DA4E8A8C1121B1924@eusaamb107.ericsson.se>
References: <2DD56D786E600F45AC6BDE7DA4E8A8C1121B1409@eusaamb107.ericsson.se> <65770.1452699581@eng-mail01.juniper.net> <2DD56D786E600F45AC6BDE7DA4E8A8C1121B1924@eusaamb107.ericsson.se>
Date: Wed, 13 Jan 2016 08:40:29 -0800
Message-ID: <CACsn0c==Ac6hgYMZhRo6T5iVDRN4rH7A+biVmUL-dgKJcDVprg@mail.gmail.com>
Subject: Re: [Curdle] Call for Adoption
From: Watson Ladd <watsonbladd@gmail.com>
To: Daniel Migault <daniel.migault@ericsson.com>
Cc: "mdb@juniper.net" <mdb@juniper.net>, Curdle Chairs <curdle-chairs@ietf.org>, Curdle <curdle@ietf.org>, "ietf-ssh@NetBSD.org" <ietf-ssh@netbsd.org>
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable
Sender: ietf-ssh-owner@NetBSD.org
List-Id: ietf-ssh.NetBSD.org
Precedence: list
On Wed, Jan 13, 2016 at 8:31 AM, Daniel Migault <daniel.migault@ericsson.com> wrote: > Hi, > > Thanks for the suggestion. I think it falls into the scope of the WG. > > The question I would have is whether it would make sense to extend the > document to the crypto suites others than DH - i.e. encryption mac. > This would result in a document providing cryptographic > recommendations for SSH and have this document regularly updated as > crypto evolves. Any opinion ? I'd prefer to prioritize the already deployed Curve25519 and Ed25519 work over crypto recommendations which other groups can develop. We also should consider aes-gcm@openssh.com to be added as this addresses a corner case in the spec which makes AEAD complex. > > BR, > Daniel > > -----Original Message----- > From: mdb@juniper.net [mailto:mdb@juniper.net] > Sent: Wednesday, January 13, 2016 10:40 AM > To: Curdle Chairs > Cc: Curdle; ietf-ssh@NetBSD.org > Subject: Re: [Curdle] Call for Adoption > > Hi, > > Over on the ietf-ssh@NetBSD.org list, Stephen Farrell suggested that I see if I could add > > https://datatracker.ietf.org/doc/draft-baushke-ssh-dh-group-sha2 > > under the curdle charter. > > The draft deprecates a Secure Shell (SSH) key exchange algorithm (Diffie-Hellman group1 - a 768-bit MODP group) and recommends replacement with stronger Diffie-Hellman MODP groups (groups 14, 15, 16). > > The draft does have two interoperable implementations that have implemented it. > > Does it fit well enough into the curdle charter to be added here? > > Thank you, > -- Mark > > ------- forwarded message ------- > From: Stephen Farrell <stephen.farrell@cs.tcd.ie> > Date: Wed, 13 Jan 2016 10:34:05 +0000 > Subject: Re: draft-baushke-ssh-dh-group-sha2-01 (was Re: DH group exchange) > > Hiya, > > On 13/01/16 09:21, Mark D. Baushke wrote: >> Hi, >> >> URL: https://datatracker.ietf.org/doc/draft-baushke-ssh-dh-group-sha2 >> >> I believe that OpenSSH and Dropbear SSH have both implemented >> interoperable versions using the current 01 version at this point in time. >> >> I would be interested in hearing if any other implementations have >> adopted these new DH groups. >> >> Are there any additional comments or changes needed for the draft >> before we can move to the next step in the process? >> >> Hmmm... What is next? Getting 'AD is watching' or is it getting a >> document shepherd? > > There's no active SSH WG, but there is the curdle WG. Its charter [1] however is limited in terms of what it's allowed to add to protocols. OTOH, this is not defining any new groups, just updating codepoints, including deprecating one (to NOT RECOMMENDED). So the draft could fit there on that basis I guess. So I'd say send a mail to the curdle list and suggest this be adopted there. > > If that doesn't work I can look at AD sponsoring it, but since one of the reasons to setup curdle was to avoid too many of these being AD sponsored, please try there first. > > Cheers, > S. > > [1] https://tools.ietf.org/wg/curdle > >> >> Thank you, >> -- Mark > > _______________________________________________ > Curdle mailing list > Curdle@ietf.org > https://www.ietf.org/mailman/listinfo/curdle -- "Man is born free, but everywhere he is in chains". --Rousseau.
- Re: [Curdle] Call for Adoption Mark D. Baushke
- Re: [Curdle] Call for Adoption Mark D. Baushke
- RE: [Curdle] Call for Adoption Daniel Migault
- Re: [Curdle] Call for Adoption Watson Ladd