Re: ssh-ed25519 implementations

"Mark D. Baushke" <mdb@juniper.net> Thu, 11 May 2017 13:37 UTC

Return-Path: <bounces-ietf-ssh-owner-secsh-tyoxbijeg7-archive=lists.ietf.org@NetBSD.org>
X-Original-To: ietfarch-secsh-tyoxbijeg7-archive@ietfa.amsl.com
Delivered-To: ietfarch-secsh-tyoxbijeg7-archive@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 2193D12EB99 for <ietfarch-secsh-tyoxbijeg7-archive@ietfa.amsl.com>; Thu, 11 May 2017 06:37:00 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -4.091
X-Spam-Level:
X-Spam-Status: No, score=-4.091 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, HEADER_FROM_DIFFERENT_DOMAINS=0.001, RCVD_IN_DNSWL_MED=-2.3, RP_MATCHES_RCVD=-0.001, SPF_PASS=-0.001, T_DKIM_INVALID=0.01] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=fail (1024-bit key) reason="fail (body has been altered)" header.d=juniper.net
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id iIN_eYbzTQeN for <ietfarch-secsh-tyoxbijeg7-archive@ietfa.amsl.com>; Thu, 11 May 2017 06:36:53 -0700 (PDT)
Received: from mail.netbsd.org (mail.NetBSD.org [IPv6:2001:470:a085:999::25]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id BCB21129B38 for <secsh-tyoxbijeg7-archive@lists.ietf.org>; Thu, 11 May 2017 06:32:47 -0700 (PDT)
Received: by mail.netbsd.org (Postfix, from userid 605) id 360AF84E01; Thu, 11 May 2017 13:32:46 +0000 (UTC)
Delivered-To: ietf-ssh@NetBSD.org
Received: from localhost (localhost [127.0.0.1]) by mail.netbsd.org (Postfix) with ESMTP id A6FBC84CF0 for <ietf-ssh@NetBSD.org>; Thu, 11 May 2017 13:32:42 +0000 (UTC)
X-Virus-Scanned: amavisd-new at netbsd.org
Authentication-Results: mail.netbsd.org (amavisd-new); dkim=pass (1024-bit key) header.d=juniper.net
Received: from mail.netbsd.org ([IPv6:::1]) by localhost (mail.netbsd.org [IPv6:::1]) (amavisd-new, port 10025) with ESMTP id yl9vqagihNu3 for <ietf-ssh@netbsd.org>; Thu, 11 May 2017 13:32:41 +0000 (UTC)
Received: from NAM01-SN1-obe.outbound.protection.outlook.com (mail-sn1nam01on072e.outbound.protection.outlook.com [IPv6:2a01:111:f400:fe40::72e]) by mail.netbsd.org (Postfix) with ESMTP id C72D084CE1 for <ietf-ssh@NetBSD.org>; Thu, 11 May 2017 13:32:39 +0000 (UTC)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=juniper.net; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version; bh=YsdaRhjQmrIqlMXY0GDgL4JY6kJys4f7RE+xoRuExIM=; b=KcUSuhmiBEB3iCYZv3oM1BKw7b1byP1KUidy7f+1qNwMdvCz/LRuOLzp6Z9jquuOnHt2ro4HR5nvDP+VS0ib29jhrZE2S00nbnoAAjhruFs0w6xda5l/G9Jph0QXVp/cJdMAIiOUm8IwuZjBTWkTNymupYClbEhH/vLhfqQJhRk=
Received: from CY1PR05CA0004.namprd05.prod.outlook.com (10.166.186.142) by CY4PR05MB2902.namprd05.prod.outlook.com (10.169.183.136) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256_P256) id 15.1.1101.5; Thu, 11 May 2017 13:32:38 +0000
Received: from CO1NAM05FT041.eop-nam05.prod.protection.outlook.com (2a01:111:f400:7e50::205) by CY1PR05CA0004.outlook.office365.com (2a01:111:e400:c5a4::14) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256_P256) id 15.1.1084.7 via Frontend Transport; Thu, 11 May 2017 13:32:38 +0000
Authentication-Results: spf=softfail (sender IP is 66.129.239.12) smtp.mailfrom=juniper.net; ietf.org; dkim=none (message not signed) header.d=none;ietf.org; dmarc=fail action=none header.from=juniper.net;
Received-SPF: SoftFail (protection.outlook.com: domain of transitioning juniper.net discourages use of 66.129.239.12 as permitted sender)
Received: from p-emfe01a-sac.jnpr.net (66.129.239.12) by CO1NAM05FT041.mail.protection.outlook.com (10.152.96.154) with Microsoft SMTP Server (version=TLS1_0, cipher=TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA_P256) id 15.1.1075.12 via Frontend Transport; Thu, 11 May 2017 13:32:37 +0000
Received: from p-mailhub01.juniper.net (10.160.2.17) by p-emfe01a-sac.jnpr.net (172.24.192.21) with Microsoft SMTP Server (TLS) id 14.3.123.3; Thu, 11 May 2017 06:32:36 -0700
Received: from eng-mail01.juniper.net (eng-mail01.juniper.net [172.17.28.114]) by p-mailhub01.juniper.net (8.14.4/8.11.3) with ESMTP id v4BDWYq0027592; Thu, 11 May 2017 06:32:34 -0700 (envelope-from mdb@juniper.net)
Received: from eng-mail01.juniper.net (localhost [127.0.0.1]) by eng-mail01.juniper.net (Postfix) with ESMTP id 7B18411446; Thu, 11 May 2017 06:32:32 -0700 (PDT)
To: Eric Rescorla <ekr@rtfm.com>, Ron Frederick <ronf@timeheart.net>, "Brian Smith" <brian@briansmith.org>, denis bider <denisbider.ietf@gmail.com>, Simon Tatham <anakin@pobox.com>
CC: "ietf-ssh@NetBSD.org" <ietf-ssh@NetBSD.org>, "curdle@ietf.org" <curdle@ietf.org>
Subject: Re: ssh-ed25519 implementations
In-Reply-To: <CABcZeBNYUV=-azoZzZjnNtCEu3K0A-THHN2mt02V65oihbbrXw@mail.gmail.com>
References: <76FD0F39-1F3D-4476-A3D8-D4C942C2EFD1@juniper.net> <CABcZeBNYUV=-azoZzZjnNtCEu3K0A-THHN2mt02V65oihbbrXw@mail.gmail.com>
Comments: In-reply-to: Eric Rescorla <ekr@rtfm.com> message dated "Wed, 10 May 2017 09:20:37 -0700."
From: "Mark D. Baushke" <mdb@juniper.net>
Date: Thu, 11 May 2017 06:32:32 -0700
Message-ID: <36528.1494509552@eng-mail01.juniper.net>
MIME-Version: 1.0
Content-Type: text/plain
X-EOPAttributedMessage: 0
X-MS-Office365-Filtering-HT: Tenant
X-Forefront-Antispam-Report: CIP:66.129.239.12; IPV:NLI; CTRY:US; EFV:NLI; SFV:NSPM; SFS:(10019020)(6009001)(39400400002)(39840400002)(39450400003)(39410400002)(39860400002)(39850400002)(2980300002)(189002)(199003)(51444003)(9170700003)(2950100002)(76506005)(53416004)(47776003)(105596002)(54906002)(50986999)(229853002)(55016002)(6306002)(8656002)(86362001)(53936002)(77096006)(76176999)(7846003)(6392003)(54356999)(478600001)(305945005)(7696004)(2906002)(2810700001)(106466001)(6266002)(48376002)(6246003)(189998001)(38730400002)(4326008)(356003)(117636001)(7126002)(5003940100001)(8936002)(8676002)(5660300001)(81166006)(50466002)(39060400002)(42262002); DIR:OUT; SFP:1102; SCL:1; SRVR:CY4PR05MB2902; H:p-emfe01a-sac.jnpr.net; FPR:; SPF:SoftFail; MLV:ovrnspm; MX:1; A:1; PTR:InfoDomainNonexistent; LANG:en;
X-Microsoft-Exchange-Diagnostics: 1; CO1NAM05FT041; 1:FGKJDnZDyhO1hivfO28qCfuGxdQsq52sE1pCKhC/1XWgY5lgu12kjsrX060awP4btp0NeUp8RDKAX2mxoBaAfpG3vRUQOFhGsCFdSEnxZf64WYB5yvUxrwagc8H966Ij6HGdLVwYPxsgnStt0OD+G2EG6wyqLAXoIqGxma9KlMTD9/0H841ka86LC2Rtw1UEVK2eRA0tv7OsbCe8acNWB/R2nF5F0pn3XZdXkmO6QgrZn5sOPX1f964BhwS3d+czfaEXvRAf3m48O1e4I56LHkMSqtxAPG+zkncUYPHvJQD2BknpxXfOCTll+eAZW7aZv0XxXR6pgimTEMBhR6DWhUz1BcfycD+U4ocCc4E620m1dtyqlvekxRNpA84n307Uz98Z7hkIJWoDduATQD3RB04kD66RjH/ci6yriJr9tM8Cyo5P6PMN5LaYV6BZsBX7/vqk46ATperH/OCZBxokZjlG5GEODt3KWx1OTiLNVIiMYVOa6M636lmz1cJJmnkAAR3FDEmeUrfB7ggrZHZXw9ds7iHrFYx4d7NQssqHL+XxXEUsm4box9kV0PhE3bBJXMV4ylXicFkapwX2Q6r98pxkncz40bUpMPlZ9vXHZ99tN/5G3/D4wI+4CZsabHKL
X-MS-PublicTrafficType: Email
X-MS-TrafficTypeDiagnostic: CY4PR05MB2902:
X-MS-Office365-Filtering-Correlation-Id: 148a9d25-8ac7-49d7-f682-08d4987230ea
X-Microsoft-Antispam: UriScan:; BCL:0; PCL:0; RULEID:(22001)(2017030254075)(201703131423075)(201703031133081); SRVR:CY4PR05MB2902;
X-Microsoft-Exchange-Diagnostics: 1; CY4PR05MB2902; 3:iEWZlOm3JpaZfv9rZQRMNKEJofLMVr6LoV3x5MP3YzNA3MyzM3c5+o1CW0au+GjE/94xSH2fu1NtjYuJXaA4dpuBPfruEdL5SmtZWcJ0ZHuFdbijkP4Fsih+RY8POHBuvSPNhlPdHl+NowoH26ldhNE7C4PG7R4Wcb4pQEhZEf5GoGPHi9/bC4A2oQi4LANbiUBi8Dig4UnN0YOtgQjT0FkXWv7C/l8XKU1fwkbz/nKP1nzcHlM0ynvVgsD9jSEX+27ZcSeUQbNTfSra8QzS3TR90+D9FFIW+AGBXXlRcyH0ZpS6as8DJsolOX1LD6LSO5ULBw44Rx4sRki9Bs29xKhse7zloAv5RKwUXPW1rPv93R3syTKvOt3f9/jqr1+ON2Hb6ZShQSymwTOVfBEQgV59ba6Enjj//5cRaV7a8AdoFPh5Vl9EYTK0bG2zS5LrbxqEN4+Td3yFCM7A4ycCbQ==
X-Microsoft-Exchange-Diagnostics: 1; CY4PR05MB2902; 25:y6yBy1R2eXxgyMvZ+6J39uawfMW5IpRh1nD7G932of7/wh6SRGp3hUe58i5PgwaHs2Lm0tzIrbMCPbY97zDZqB9wpMf6hztQnGJMPoWCzLDjfTamdKJAn2AlWJ+f7es1Yr3/Ssz/gBRJNrWlh1rxyiCeBxHhand28+D+GNRrWjBMcXGsYxdfKoSqN6ZaizHyr+NFHIl8H7MY+r1rNxhIQFTdkjTv9Kw3QdbkpDmE44FrmGywAnSoa9opZhXpsTpiScErOVppgj4TOjbVz9eTaxEwIQiedXi+8DFMr3EpNHy5yW5oISvBtrpFLwzayc7XjGi9Y7pJgs/4z4DSefH6AexukozpQwVp3FhH7sEVT/+OHkziBOgulPnwpbgQdaFEkPc+p693kRDeqfPln1i/b4Uxde5q6C1dfNTwblFMAgev8DQkVGm2CSWS/aGYvM30A2u3xcWGeqpeuAbM9M+qvvXi4EnZurypj7Icho5sKcE=; 31:677kC0IycnoldK9J7d0r2CN4HYJ4dUsS/jCu27sTSxD3LZqwx4y9OyMMyA99tPS5ZO60xvxrOJ2l1tddvJN2qA47XYsYmUYD9hGX9Rx160Y5dFErgXuIlh2pG9soJi2eIBd+dU8IUWTxQqioLfv9taEH8YPcbzImycyQEJ58Wo0WK64nMZ918SoI+T0ln2CGfrlqBc6WBJw7UdARWWWk7Ov8nyg9H4vZvObi30PVxgdPrMO/n7Qb36IJd/YzAdjcXrYIp5KSJ82lsa1ddwf1+w==
X-Microsoft-Exchange-Diagnostics: 1; CY4PR05MB2902; 20:3Paz/HG+0uoOOafyG3sP+2ZZDdmRd1SOg+BtsI2rzldaU0z37hT1NC0W6AD914nYGAKUk1ivY6a3fqNKpZDh3pPwGuIGNw5ArPPEJ+alSAp9oKGPYJQPpof5xRWA4rCy7XlZbQYeDM0MF5CKV+TBSwKrn31r9F2/cqZ4UFyHbOW3D0bfrQldHr1d6GdtSJIVtmUcFF2D/9+TMXJwl0Jttx23bL6HB2HkBkN7T6U/BiRaekJW8kZA4sYVR3iHgi490Rj9M6eHzRUYHbZT/xXSmaSpHZxxER4Xnpi9ngXL4M8qHF90dPlMAJZ2QMqmuqB40S8lnKbJk5my2X+N10pmBL80LR+lUgWKs/T8sVJxxWMiCdt9SlQZHFZIpDKeWHR8c0imgArrgwsAY3tjH7vQJHCBd/lZiKrrmaYjWkLHpgpLHd1erkLH4ObYipateUBYes9Qcobod2Z2Ezum79ost6HAwnqN4xufXbzI//0bdAAYStLNHzzVPNzGnU/Visb3
X-Microsoft-Antispam-PRVS: <CY4PR05MB2902095FF26E7F98B2D7649ABFED0@CY4PR05MB2902.namprd05.prod.outlook.com>
X-Exchange-Antispam-Report-Test: UriScan:;
X-Exchange-Antispam-Report-CFA-Test: BCL:0; PCL:0; RULEID:(100000700036)(100105000095)(100000701036)(100105300095)(100000702036)(100105100095)(6040450)(601004)(2401047)(13024025)(13018025)(13023025)(13017025)(13015025)(8121501046)(5005006)(3002001)(10201501046)(100000703036)(100105400095)(93006095)(93003095)(6055026)(6041248)(20161123564025)(201703131423075)(201702281528075)(201703061421075)(201703061406153)(20161123560025)(20161123555025)(20161123558100)(20161123562025)(6072148)(100000704036)(100105200095)(100000705036)(100105500095); SRVR:CY4PR05MB2902; BCL:0; PCL:0; RULEID:(100000800036)(100110000095)(100000801036)(100110300095)(100000802036)(100110100095)(100000803036)(100110400095)(100000804036)(100110200095)(100000805036)(100110500095); SRVR:CY4PR05MB2902;
X-Microsoft-Exchange-Diagnostics: =?us-ascii?Q?1; CY4PR05MB2902; 4:8zsfbIy2kV29uGrLWHiKW4xNYZSlPsg5q5C/a/83WD?= =?us-ascii?Q?nEuRE1iv5NUzywQUQDvCtQWkOCoes5HTYhqtQ73OuUs5cBTn5t3GhepmU2Ur?= =?us-ascii?Q?T+uIPhepVWlapBdnjclvX8s4CguyqxcCyK0t5Y1xfhoKR+zGHQQPW271dcVK?= =?us-ascii?Q?vF3JpFvUC/WjDT8oFqeFfV2He+YostSWzXFGh6fyXXAvyAw9v2jLSVd8Tnyp?= =?us-ascii?Q?B/5hTTIVuygiVWQ/1wOSNIS1JzPwDvaWeNrW6gnaCQtd1c9V6XXqP+HuGIG0?= =?us-ascii?Q?DamaU5LskI5fTg+ukrlG8wt/ySNx6eXr1IRtYTKaVA3THK0/YEHL+KPGDV9L?= =?us-ascii?Q?jP1oJbqEWOuLFBM28kFbjrZaf8N2KEkHey6RC8nxeZ1uIwmEJTpKyb16eeOB?= =?us-ascii?Q?JtfAUkvEkpjedQjbebunARs0x/c4nv8HJ3eShFbYYzZjeAuCJoaINPaNVCLv?= =?us-ascii?Q?BegKQB7HADO6IcRrEreX93IIFU30t6t0Cv9uk9gluEA58LoHoOpuaxcmOS4e?= =?us-ascii?Q?+hveZKeXS74yZCfoYMPMZnBXYR+6lEc/ib3VQOERy16aCrpWAHpIo1VcHIoP?= =?us-ascii?Q?5d6RqEekrLnO5wzYZ+8KUnIDFNd/SLsr3BaLO1JXAjLFYJNC282Tba7jiZvg?= =?us-ascii?Q?T/v34CsigZXO2YXfHRh7De8WHGG5Blk50Qop5/UAUcgvU5YF0dPVJtRJid9e?= =?us-ascii?Q?ddS4EPQ9deJ/4AU4QhVgIUQ9uGYsVQTjt596oUmsieZxjOzyfEfFRH9WSDUB?= =?us-ascii?Q?0RZ7H9Zx2Z4XmT34SjT0R2p2bkKhek/74BDEdcAfuwQWk5OYzsZO3Z3gDbXL?= =?us-ascii?Q?kqDRNUL56rlwQR7+0dBWYK/LshuQZg9laKvjj/ifGggokpLh66aC9otLYRvl?= =?us-ascii?Q?P/86P5zGWQCtbF+1a2RlDBmX2D2vXBsUqVulIIVG0gb9cNF8T2G+wiY8NLn7?= =?us-ascii?Q?Lq8uvKbtwC/IeVX/n4xLqJG/STTWRAEmqTVzHxoKjjZMpbQma5w7pCGTsM2o?= =?us-ascii?Q?aJ4Q0u3MBFyokgPRJ3JC4sdKauL89dQ+3ymS8k5Q+aBuSJi13CMpPzArkXnt?= =?us-ascii?Q?S1JuKvYPf9yjq8iffOoyJho7Vocv/e9ik6+Ovl/h+xOcJpq33By2YpT/Bwxs?= =?us-ascii?Q?VIrHO/+x5mQ+Yk56/qZNm7OUsRh7bixidWodAjxFLrQvvqqKNCGnymR1BrdJ?= =?us-ascii?Q?XWl3K2qi+CbzMw3IVqYzSMEaob+k27tPxJFnyC+tlenmMi7y2CcRjpgRr+BU?= =?us-ascii?Q?ElqLz4UWYnKdFWeVg=3D?=
X-Forefront-PRVS: 0304E36CA3
X-Microsoft-Exchange-Diagnostics: =?us-ascii?Q?1; CY4PR05MB2902; 23:Kgh4Iy3DjsPoTjiAkbBj0K9spzBL5U9oKggvuxIKT?= =?us-ascii?Q?y0bvC/qYrMJPUpjtU8Cv2QbVlQSN3VtkFZwEr+G6PffWOu1z/do/ehgD+Tam?= =?us-ascii?Q?AkpevMRfqCCGtmdUsGvVXZqJSVs4epz9XjaIzfxQKhRBQrz5vHuTGW81CdUs?= =?us-ascii?Q?B6FB6q8hHd73j/KxUa+unlgF8BRCGtXdsLaoa6WT2suBrMajGfTnvtUK6UrT?= =?us-ascii?Q?BmCACi8i5ACTV2zZ2qw9jmgWfwga+TITrA6/NSfnQNMtE/RZOiMmz2Ig+MRF?= =?us-ascii?Q?9O0tPhMGjvkiEPpGAkJrW4ZG85lftQ19Pc0FzwVQNGPBTHoYrptIz9e0pyku?= =?us-ascii?Q?+ryY6xbRdrTw65ywilc+kOLYLtbe+b7rbeKIlCHmOe6QiXB/XG7TatmPkErE?= =?us-ascii?Q?TRgkE4louKGng8wimN/5Lyb5z0y5EkCtTnF9SyCtb+bJkaO5aGDvHSotqE9f?= =?us-ascii?Q?UfCUMdHrUgnCwzwjsKBJrSXQtAAJ/MZ4iFEQ0dCXYHUdeOzc5jv4vEtxt3P2?= =?us-ascii?Q?gU/dvc5uEGz6k8s6vkh7T+EIq4jHOReh+ZWQA+hsT4G3W3lbPB44zACPfdaB?= =?us-ascii?Q?P/kTc5GTHKse0DoK9NrsDcI862p/MWPNxtbSDD9JZcQH0/EBVq9hGS+2zvnj?= =?us-ascii?Q?+ZnzaC+oSJY1n6SCaHBpuMqDEr45DAoDsbjsAq9nFZCYg73eQdpClyWAnpQQ?= =?us-ascii?Q?hVA5dA50jXv+Ps2HxTRs+EolrfFqr8eDM2MwJkwlcz3g1FRS9mK8kEb7M5ww?= =?us-ascii?Q?Jj+q+xX7eNwBtO/ZLJq7g92I8s5jUHTwuTY5iWEiGwB6Ve33xlUEa/vg6KhL?= =?us-ascii?Q?CpEPaGGukXQIfAhHRk9K11/oRKzEOKV1kKsEaVIJS/cRJfamZygaQuMrEffr?= =?us-ascii?Q?KbQbGxtUeRveaybZIIJPobTb1LSfTvLtshCDO+mnS4elM2/LWKtphmxLscUB?= =?us-ascii?Q?SoJu/Wd/JilRDcTNywg7mhVl+KF8oMiU92ABf7NY0PwCKhNRD9/x3Rfzxr1Y?= =?us-ascii?Q?eKAYL+UDANx0AWdtrT2v1nkM6M6LPWWy5LQCJCa5kwRC9yZDBFmih/AO1xmO?= =?us-ascii?Q?wJneSRftVyQm+K6ZmopKMwKQCOhivpwkVSDyzepdMQ2Mi3cvB9bCIN84/jzV?= =?us-ascii?Q?ijq7EXanxi+hf228RkdzZIcy+/BkC3jP1MI7ZilZKPKVv2D7/ipLoWYKezDZ?= =?us-ascii?Q?MPP/4oz+Jf1cNZKGlE/ozKGAe1jBNCLXdO+Uxw7048pS6Fj//U+QTeGvOyti?= =?us-ascii?Q?DAPDwXKzYaVgbl4avF/fYGVE51D2tT7JKGTHlN6dIWpoE7SzzZlN1YK4qXZr?= =?us-ascii?Q?y0xhGZEijbJ+gW8QFxFqhk=3D?=
X-Microsoft-Exchange-Diagnostics: 1; CY4PR05MB2902; 6:F2lgybfrGeQ7Ab6k6e0Uu5NyKjZADjWhlaSABvByAgLgGxiupz0IxD3gLwCEFUXDAX42BetyJPDEm8BPiNW1YKNn+eQhcNiJRS6If1aSajQMQ3cZtgknXcC1XdtBkmKtIIGi5W1pPodUhcLXQd0JtaxIimJ90DWVfc+o3/36KH3yRG2BJ9T7IdVyxBHI302e7NMc1ResZR93Q/e4HnBthG1BO9QMt0v+Nyxnt06E+rgpiXqwMHz5DN2zosh0fB3JL0hwmRB68HvCArKVXO4ENnLg+2rWh2rTkt/RpsxgMehxi8JE0fPniU+3h8He+Ckt2A/rB3WZys/clNZQLON+3JyLH4WUlBLnSrfaOJYGae2ZTficzu/ChisTv8RbVEHqg5GkKK9qniXV7SLQunuN/YLJMJTLeECxbCpcvtHgJpBTIQI/vgH7ZzNcdbdnlv6BzhwHVlTMRQ9mPgiZ2lrrjBzVeZ/QxMHo3iVpuW7TqN31ibw9WmiDn64Sss+YFA7aM4OIEvQuEun8SRdtfeW5ovtA66Om5wCDIfapnA5Eaw8=
X-Microsoft-Exchange-Diagnostics: 1; CY4PR05MB2902; 5:5fKX/bc2F4Ec5mO5f7ic11+sUM4sER6XBERS5U+0pMae3ziNVFwVS8cOOhvtgLONWGYT78EeLNXv0Agr0V7rUo7WX+rFCB7ILykQQZJSPMty8xo/Nz6u7zvjL1Yw8W+dTgkUqK4NRqT+I2wBCVs6Y7rAlITq7aOxMk34xsx4DopAZbK0drEh47YZp3+NGg87od1VX2TmHlBMvacZyqHgIICOY2zLQt7Eqlnui2irwH/om8NbrCgFXMXfP1QBEeutMu/H7Tc98lX83j1wiAy3tQOAAFYKfCM77Yf/5wyJVPUK5B+qwzTTQTEEAFtk3/hYPeQrti1qAdwQRqDGT7gKhqeOCcB+6mHJOSZHTLli3MO93YxBJVu0r8zOG5a+eh4ZD2jbUY/TudPCgRP+suea1eQWBh2AjhV9IaZkw8b8/KDa9W0+SjGGuI0ffftHq82g38Krq3pWDCmgz6OM3VKfdCdCcigbCloSAMONtBvL8yXNWObiDDazBHdreupRFBAo; 24:/s3ZbLTL77k/VwrWzMBh1osWH1qBkUUX/OcPa8AffxtUAOpSG13UME5L3qVI4hGYma8a8XCw+XGequPnNHbxbyXAr803qFDB3BbM5pPKd1g=
SpamDiagnosticOutput: 1:99
SpamDiagnosticMetadata: NSPM
X-Microsoft-Exchange-Diagnostics: 1; CY4PR05MB2902; 7:ke5I83yxoOQ0r//GkpktxacsmJDlBS86M/daTp5ZvQKDKvrmPACcprQAI0vL+6ozJKaXT44X6e3ecJ3SS6HXwZ+dPAibhEOzkfgbKm2dLAAA2lfSLJLB1tvMVcKxEQhmoC4YSDD/n68vzGjJkZmFeq7JExMXgxRmWhjxY0MJciUsQBdghDn7xRh3JihQn1+/8pOQBYRjaWsKjtt0lPD1YD2Tg0LVjpEDAsb/cBqpcEwgtmetKn+pL1nUX0S/ermXiAsQPiEhYleF+DMaNrrOUx5L8Y+25Y3K32TKyhcGgkOlUJiWtZLe7LEkTKsqM09uxFAKQWU9/H0vPRl6+6uo7w==
X-OriginatorOrg: juniper.net
X-MS-Exchange-CrossTenant-OriginalArrivalTime: 11 May 2017 13:32:37.7839 (UTC)
X-MS-Exchange-CrossTenant-Id: bea78b3c-4cdb-4130-854a-1d193232e5f4
X-MS-Exchange-CrossTenant-OriginalAttributedTenantConnectingIp: TenantId=bea78b3c-4cdb-4130-854a-1d193232e5f4; Ip=[66.129.239.12]; Helo=[p-emfe01a-sac.jnpr.net]
X-MS-Exchange-CrossTenant-FromEntityHeader: HybridOnPrem
X-MS-Exchange-Transport-CrossTenantHeadersStamped: CY4PR05MB2902
Sender: ietf-ssh-owner@NetBSD.org
List-Id: ietf-ssh.NetBSD.org
Precedence: list
List-Unsubscribe: <mailto:majordomo@NetBSD.org?subject=Unsubscribe%20ietf-ssh&body=unsubscribe%20ietf-ssh>

Hi Eric & Ron & Brian & Simon,

Given input from folks so far, I think it would be better if both
Curve25519 and Curve448 continued to use the "mpint" format for K when
generating a hash even though this is not what RFC7748 suggests.

Would it make sense to include the following text to the end of section
2.1 of https://tools.ietf.org/html/draft-ietf-curdle-ssh-curves-04 ?

    When performing the X25519 or X448 operations, the integer values
    there will be encoded into byte strings by doing a fix-length
    unsigned litle-endian conversion, per [RFC7748]. It is only later
    when these byte strings are then passed to the ECDH code in SSH that
    the bytes are re-interpreted as a fixed-length unsigned big-endian
    integer value K, and then later that K value is encoded as a
    variable-length signed "mpint" before being fed to the hash
    algorithm used for key generation.

to help clarify the differences between RFC7748 and what is happening in
SSH?

Much of this text is borrowed from what Ron Frederick has written to me,
any remaining confusion is my fault.

I think that the above text should help clear up the confusion that Eric
noted in this section of code.

If there are no problems with this text, I will release the -05 draft
with it.

	Thank you,
	-- Mark