[Curdle] draft-ietf-curdle-ssh-modp-dh-sha2 & draft-ietf-curdle-ssh-kex-sha2

Tero Kivinen <kivinen@iki.fi> Mon, 12 September 2016 16:59 UTC

Message-ID: <22486.43242.802279.610275@fireball.acr.fi>
Date: Mon, 12 Sep 2016 16:08:58 +0300
From: Tero Kivinen <kivinen@iki.fi>
To: "Mark D. Baushke" <mdb@juniper.net>
Cc: Curdle <curdle@ietf.org>, IETF SSH <ietf-ssh@NetBSD.org>
Subject: [Curdle] draft-ietf-curdle-ssh-modp-dh-sha2 & draft-ietf-curdle-ssh-kex-sha2
In-Reply-To: <41049.1473653352@eng-mail01.juniper.net>
References: <41049.1473653352@eng-mail01.juniper.net>

Mark D. Baushke writes:
> Key Exchange Method Name              Reference     Note
> curve25519-sha256                     ssh-curves    MUST
> diffie-hellman-group-exchange-sha1    RFC4419       SHOULD NOT
> diffie-hellman-group1-sha1            RFC4253       SHOULD NOT
> diffie-hellman-group14-sha1           RFC4253       SHOULD
> diffie-hellman-group14-sha256         new-modp      MUST
> diffie-hellman-group16-sha512         new-modp      SHOULD
> ecdh-sha2-nistp256                    RFC5656       SHOULD
> ecdh-sha2-nistp384                    RFC5656       SHOULD
> ecdh-sha2-nistp521                    RFC5656       SHOULD
> gss-gex-sha1-*                        RFC4462       SHOULD NOT
> gss-group1-sha1-*                     RFC4462       SHOULD NOT
> gss-group14-sha1-*                    RFC4462       SHOULD
> gss-group14-sha256-*                  new-modp      SHOULD
> gss-group16-sha512-*                  new-modp      SHOULD
> rsa1024-sha1                          RFC4432       SHOULD NOT

(I removed algorithms with a status of MAY, to make it shorter).

That looks mostly ok. Most of the sha1 ones -> SHOULD NOT, with the
exception of diffie-hellman-group14-sha1 and gss-group14-sha1-*, which
are still kept as SHOULD for backwards compatibility reasons.

The MUSTs are good, but there seem to be quite a lot of SHOULD
versions. Is there really a need for that many SHOULD algorithms? For
example, is there a reason to keep ecdh-sha2-* as SHOULD when
curve25519-sha256 will be MUST?

Also, is there a need to update other algorithms, i.e. encryption
algorithms, MAC algorithms, public key names, compression algorithms,
etc.? Are the implementation requirements for them up to date? (I do
not know, as I have no idea which of them are now mandatory to
implement and which are not.)
-- 
kivinen@iki.fi
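As an added example (not part of this thread or of either draft), the quoted table can be used as an audit list: the script below parses it and checks a KEX name-list of the kind a peer sends in KEXINIT (RFC 4253 comma-separated format) for SHOULD NOT methods that are still offered and MUST methods that are missing. The function names, the "EXAMPLEMECH" GSS suffix and the sample name-list are constructed for the example; the gss-* rows are treated as prefixes because their real suffix is a per-mechanism value the table abbreviates with "*".

```python
# Added example (not from the thread): audit an SSH KEX name-list against the
# requirement levels in the table quoted above. Sample input is constructed.

# Table as quoted in the thread (MAY entries omitted, as in the original).
KEX_TABLE = """
curve25519-sha256                     ssh-curves    MUST
diffie-hellman-group-exchange-sha1    RFC4419       SHOULD NOT
diffie-hellman-group1-sha1            RFC4253       SHOULD NOT
diffie-hellman-group14-sha1           RFC4253       SHOULD
diffie-hellman-group14-sha256         new-modp      MUST
diffie-hellman-group16-sha512         new-modp      SHOULD
ecdh-sha2-nistp256                    RFC5656       SHOULD
ecdh-sha2-nistp384                    RFC5656       SHOULD
ecdh-sha2-nistp521                    RFC5656       SHOULD
gss-gex-sha1-*                        RFC4462       SHOULD NOT
gss-group1-sha1-*                     RFC4462       SHOULD NOT
gss-group14-sha1-*                    RFC4462       SHOULD
gss-group14-sha256-*                  new-modp      SHOULD
gss-group16-sha512-*                  new-modp      SHOULD
rsa1024-sha1                          RFC4432       SHOULD NOT
"""

def parse_table(text):
    """Return {name_pattern: level}; a level may be two words ('SHOULD NOT')."""
    rows = [line.split() for line in text.strip().splitlines()]
    return {r[0]: " ".join(r[2:]) for r in rows}

def level_of(name, levels):
    """Exact match first; gss-* rows end in '*' and match any mechanism suffix."""
    if name in levels:
        return levels[name]
    for pattern, level in levels.items():
        if pattern.endswith("*") and name.startswith(pattern[:-1]):
            return level
    return "MAY"  # names absent from the table were MAY in the full list

def audit(name_list, levels):
    """Classify a comma-separated SSH name-list (the RFC 4253 KEXINIT format).
    Returns (offered SHOULD NOT names, MUST names the peer does not offer)."""
    offered = [n for n in name_list.split(",") if n]
    should_not = [n for n in offered if level_of(n, levels) == "SHOULD NOT"]
    musts = [n for n, lvl in levels.items() if lvl == "MUST"]
    return should_not, [m for m in musts if m not in offered]

# Constructed sample resembling a legacy server's KEXINIT list ("EXAMPLEMECH"
# stands in for the base64 GSS mechanism suffix, which is not from the page).
SAMPLE = ("diffie-hellman-group1-sha1,diffie-hellman-group14-sha1,"
          "ecdh-sha2-nistp256,gss-group1-sha1-EXAMPLEMECH")
```

Running `audit(SAMPLE, parse_table(KEX_TABLE))` flags the two SHOULD NOT methods in the sample and reports that neither MUST method is offered.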