Re: draft-baushke-ssh-dh-group-sha2-01 (was Re: DH group exchange)

"Mark D. Baushke" <mdb@juniper.net> Fri, 12 February 2016 07:50 UTC

Received-SPF: SoftFail (protection.outlook.com: domain of transitioning juniper.net discourages use of 66.129.239.18 as permitted sender)
To: denis bider <ietf-ssh3@denisbider.com>
CC: Peter Gutmann <pgut001@cs.auckland.ac.nz>, ietf-ssh@NetBSD.org
Subject: Re: draft-baushke-ssh-dh-group-sha2-01 (was Re: DH group exchange)
In-Reply-To: <99035674-2196@skroderider.denisbider.com>
References: <99035674-2196@skroderider.denisbider.com>
Comments: In-reply-to: denis bider <ietf-ssh3@denisbider.com> message dated "Fri, 12 Feb 2016 07:22:53 +0000."
From: "Mark D. Baushke" <mdb@juniper.net>
Date: Thu, 11 Feb 2016 23:49:42 -0800
Message-ID: <24239.1455263382@eng-mail01.juniper.net>
MIME-Version: 1.0
Content-Type: text/plain
SpamDiagnosticOutput: 1:23
SpamDiagnosticMetadata: NSPM
X-MS-Exchange-CrossTenant-OriginalArrivalTime: 12 Feb 2016 07:49:48.0134 (UTC)
X-MS-Exchange-CrossTenant-Id: bea78b3c-4cdb-4130-854a-1d193232e5f4
X-MS-Exchange-CrossTenant-OriginalAttributedTenantConnectingIp: TenantId=bea78b3c-4cdb-4130-854a-1d193232e5f4; Ip=[66.129.239.18]; Helo=[p-emfe01a-sac.jnpr.net]
X-MS-Exchange-CrossTenant-FromEntityHeader: HybridOnPrem
X-MS-Exchange-Transport-CrossTenantHeadersStamped: BN1PR05MB057
Sender: ietf-ssh-owner@NetBSD.org
List-Id: ietf-ssh.NetBSD.org
Precedence: list

Hi denis,

Two questions:

  a) Should the draft list all of the Key Exchange Method Names 
     in the https://www.ietf.org/assignments/ssh-parameters/ssh-parameters.xml
     table?

     If so, does the following capture the desired state?
  
Key Exchange Method Name              Reference     Note
diffie-hellman-group-exchange-sha1    RFC4419       NOT RECOMMENDED
diffie-hellman-group-exchange-sha256  RFC4419       OPTIONAL
diffie-hellman-group1-sha1            RFC4253       NOT RECOMMENDED
diffie-hellman-group14-sha1           RFC4253       OPTIONAL
ecdh-sha2-nistp256                    RFC5656       REQUIRED
ecdh-sha2-nistp384                    RFC5656       REQUIRED
ecdh-sha2-nistp521                    RFC5656       REQUIRED
ecdh-sha2-*                           RFC5656       OPTIONAL
ecmqv-sha2                            RFC5656       OPTIONAL
gss-gex-sha1-*                        RFC4462       NOT RECOMMENDED
gss-group1-sha1-*                     RFC4462       NOT RECOMMENDED
gss-group14-sha1-*                    RFC4462       NOT RECOMMENDED
gss-*                                 RFC4462       OPTIONAL
rsa1024-sha1                          RFC4432       NOT RECOMMENDED
rsa2048-sha256                        RFC4432       OPTIONAL
diffie-hellman-group14-sha256         This Draft    OPTIONAL
diffie-hellman-group15-sha256         This Draft    REQUIRED
diffie-hellman-group16-sha512         This Draft    RECOMMENDED
diffie-hellman-group17-sha512         This Draft    OPTIONAL
diffie-hellman-group18-sha512         This Draft    OPTIONAL

Note: I do not know of any rsa2048-sha256 implementations from RFC4432,
I suspect at least someone is using it or it would not be in RFC4432,
who is using it? A similar question for gss-* and RFC4462 comes to mind
as well.

  b) Is it desirable to specify all of group 14, 15, 16, 17, and 18 as
     to the hashing algorithm to be used NOW? Or, is it better to drop
     15 and 17 for now? If so, is it desirable for group14-sha256 to be
     REQUIRED, RECOMMENDED, or OPTIONAL ?

diffie-hellman-group14-sha256         This Draft    RECOMMENDED
diffie-hellman-group16-sha512         This Draft    RECOMMENDED
diffie-hellman-group18-sha512         This Draft    OPTIONAL

Thank you for your consideration.

	-- Mark

draft-baushke-ssh-dh-group-sha2-01 (was Re: DH gr… Mark D. Baushke
Re: draft-baushke-ssh-dh-group-sha2-01 (was Re: D… Stephen Farrell
Re: draft-baushke-ssh-dh-group-sha2-01 (was Re: D… IWAMOTO Kouichi
Re: draft-baushke-ssh-dh-group-sha2-01 (was Re: D… Mark D. Baushke
Re: draft-baushke-ssh-dh-group-sha2-01 (was Re: D… Damien Miller
Re: draft-baushke-ssh-dh-group-sha2-01 (was Re: D… denis bider
RE: draft-baushke-ssh-dh-group-sha2-01 (was Re: D… Peter Gutmann
Re: draft-baushke-ssh-dh-group-sha2-01 (was Re: D… Niels Möller
Re: draft-baushke-ssh-dh-group-sha2-01 (was Re: D… Peter Gutmann
Re: draft-baushke-ssh-dh-group-sha2-01 (was Re: D… Mark D. Baushke
Re: draft-baushke-ssh-dh-group-sha2-01 (was Re: D… Mark D. Baushke
RE: draft-baushke-ssh-dh-group-sha2-01 (was Re: D… Peter Gutmann
RE: draft-baushke-ssh-dh-group-sha2-01 (was Re: D… Peter Gutmann
Re: draft-baushke-ssh-dh-group-sha2-01 (was Re: D… Mark D. Baushke
Re: draft-baushke-ssh-dh-group-sha2-01 (was Re: D… Niels Möller
Re: draft-baushke-ssh-dh-group-sha2-01 (was Re: D… Mark D. Baushke
Re: draft-baushke-ssh-dh-group-sha2-01 (was Re: D… denis bider
Re: draft-baushke-ssh-dh-group-sha2-01 (was Re: D… denis bider
Re: draft-baushke-ssh-dh-group-sha2-01 (was Re: D… denis bider
Re: draft-baushke-ssh-dh-group-sha2-01 (was Re: D… denis bider
RE: draft-baushke-ssh-dh-group-sha2-01 (was Re: D… Peter Gutmann
Re: draft-baushke-ssh-dh-group-sha2-01 (was Re: D… denis bider
RE: draft-baushke-ssh-dh-group-sha2-01 (was Re: D… Peter Gutmann
Re: draft-baushke-ssh-dh-group-sha2-01 (was Re: D… Damien Miller
Re: draft-baushke-ssh-dh-group-sha2-01 (was Re: D… Damien Miller
Re: draft-baushke-ssh-dh-group-sha2-01 (was Re: D… Damien Miller
Re: draft-baushke-ssh-dh-group-sha2-01 (was Re: D… Mark D. Baushke
Re: draft-baushke-ssh-dh-group-sha2-01 (was Re: D… Niels Möller
Re: draft-baushke-ssh-dh-group-sha2-01 (was Re: D… Mark D. Baushke
Re: draft-baushke-ssh-dh-group-sha2-01 (was Re: D… Niels Möller
Re: draft-baushke-ssh-dh-group-sha2-01 (was Re: D… denis bider
Re: draft-baushke-ssh-dh-group-sha2-01 (was Re: D… denis bider
Re: draft-baushke-ssh-dh-group-sha2-01 (was Re: D… Damien Miller
Re: draft-baushke-ssh-dh-group-sha2-01 (was Re: D… denis bider
Re: draft-baushke-ssh-dh-group-sha2-01 (was Re: D… Simon Josefsson