Re: Universal 2nd Factor (U2F) Authentication for Secure Shell?

Mouse <mouse@Rodents-Montreal.ORG> Fri, 06 January 2017 08:22 UTC

Date: Thu, 05 Jan 2017 08:52:41 -0500
From: Mouse <mouse@Rodents-Montreal.ORG>
Message-Id: <201701051352.IAA09319@Stone.Rodents-Montreal.ORG>
To: ietf-ssh@NetBSD.org
Subject: Re: Universal 2nd Factor (U2F) Authentication for Secure Shell?
In-Reply-To: <F24913CC-2385-45D6-85C3-B390673190DF@timeheart.net>
References: <20170103121647.GF4689@serpens.de> <F24913CC-2385-45D6-85C3-B390673190DF@timeheart.net>

>> https://www.ietf.org/archive/id/draft-josefsson-secsh-u2f-00.txt

Assuming this has the same content as
http://www.ietf.org/archive/id/draft-josefsson-secsh-u2f-00.txt:

It is misnamed.  I see nothing "universal" about this. (Cf xkcd #927.)

I agree that registration does not belong here, any more than editing
authorized-keys or known-hosts records, or new key generation, belongs
in the base protocol.

The referenced fidoalliance document points to at least two references
which are 404 (at least for me; given the content of the 404 page, this
might be the usual nginx bogon, but the first document working suggests
not).  In any case, depending on external documents for
implementability strikes me as a good way to not get implemented.

/~\ The ASCII				  Mouse
\ / Ribbon Campaign
 X  Against HTML		mouse@rodents-montreal.org
/ \ Email!	     7D C8 61 52 5D E7 2D 39  4E F1 31 3E E8 B3 27 4B