IETF-SSH archive
Re: Key Re-Exchange
Ouch,
On Wed, 4 Apr 2001, Mats Andersson wrote:
> I agree that the draft might improve on clarity here.
Shouldn't have said that when being ambiguous myself! :-)
> ...
> The transport layer enters key exchange state as soon as a KEXINIT message
> is received. When this message is received, a party MUST respond with its
> own SSH_MSG_KEXINIT message except when the received SSH_MSG_KEXINIT
> already was a reply. During key exchange the only valid messages, both for
> reception and transmission, are the KEX packets (range 30-49) and
> SSH_MSG_DEBUG, SSH_MSG_DISCONNECT and SSH_MSG_IGNORE. Any other messages
> SHOULD be considered a fatal protocol error. The key exchange state ends
> by each side sending an SSH_MSG_NEWKEYS message.
> ...
Should be something like:
The transport layer receiver enters key exchange state when it has
received a KEXINIT. Symmetrically the transmitter enters key exchange state
when it has sent a KEXINIT message. When a KEXINIT message has been
received, a party MUST send a KEXINIT message if its transmitter isn't
already in key exchange state. During key exchange the only valid
messages, both for reception and transmission, are the KEX packets (range
30-49) and SSH_MSG_DEBUG, SSH_MSG_DISCONNECT and SSH_MSG_IGNORE. Any other
messages SHOULD be considered a fatal protocol error. The key exchange
state in the transmitter ends when an SSH_MSG_NEWKEYS is sent.
Symmetrically the key exchange state ends in the receiver when the
SSH_MSG_NEWKEYS is received.
(incidentally, this is how I described our implementation though I'm
better at writing code than definitions of what it does :-).
Cheers,
/Mats
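The split transmitter/receiver state proposed above can be checked by running it as a small two-peer model. The following is an added example, not the draft's text or any SSH implementation's code. It assumes the message numbers of RFC 4253 (KEXINIT = 20, NEWKEYS = 21, DISCONNECT/IGNORE/DEBUG = 1/2/4, method-specific KEX packets 30-49), and it reads the proposal as follows: KEXINIT is the message that puts a side into key exchange state and NEWKEYS is the one that takes it out, and a NEWKEYS seen outside that state is also treated as fatal (an interpretation added here, not stated in the mail). The point it shows is the one the reformulation is after: when both peers start a re-exchange at the same moment, each receives a KEXINIT while its transmitter is already in key exchange state, so neither replies with a second KEXINIT, and the two directions leave key exchange state independently.

```python
"""Two-peer model of the split transmitter/receiver key-exchange state
proposed in the mail above. Constructed example; not the draft's or any
SSH implementation's code."""

# Message numbers as in RFC 4253 (assumed to match the 2001 draft).
SSH_MSG_DISCONNECT = 1
SSH_MSG_IGNORE = 2
SSH_MSG_DEBUG = 4
SSH_MSG_KEXINIT = 20
SSH_MSG_NEWKEYS = 21
SSH_MSG_CHANNEL_DATA = 94   # stands in for any non-KEX message
KEX_PACKETS = range(30, 50)  # method-specific KEX packets, 30-49 inclusive
ALWAYS_OK = {SSH_MSG_DISCONNECT, SSH_MSG_IGNORE, SSH_MSG_DEBUG}


class ProtocolError(Exception):
    """Fatal protocol error per the proposed text."""


class Party:
    def __init__(self, name):
        self.name = name
        self.tx_in_kex = False   # transmitter state
        self.rx_in_kex = False   # receiver state
        self.outbox = []         # queued for the peer
        self.sent = []           # everything ever sent (for inspection)

    def send(self, msg):
        if self.tx_in_kex:
            if msg == SSH_MSG_NEWKEYS:
                self.tx_in_kex = False          # transmitter leaves KEX state
            elif msg not in KEX_PACKETS and msg not in ALWAYS_OK:
                raise ProtocolError(f"{self.name}: cannot send {msg} during KEX")
        elif msg == SSH_MSG_KEXINIT:
            self.tx_in_kex = True               # transmitter enters KEX state
        elif msg == SSH_MSG_NEWKEYS:
            raise ProtocolError(f"{self.name}: NEWKEYS outside KEX (assumed fatal)")
        self.outbox.append(msg)
        self.sent.append(msg)

    def receive(self, msg):
        if self.rx_in_kex:
            if msg == SSH_MSG_NEWKEYS:
                self.rx_in_kex = False          # receiver leaves KEX state
            elif msg not in KEX_PACKETS and msg not in ALWAYS_OK:
                raise ProtocolError(f"{self.name}: got {msg} during KEX")
        elif msg == SSH_MSG_KEXINIT:
            self.rx_in_kex = True               # receiver enters KEX state
            if not self.tx_in_kex:              # reply only if we did not already send one
                self.send(SSH_MSG_KEXINIT)
        elif msg == SSH_MSG_NEWKEYS:
            raise ProtocolError(f"{self.name}: NEWKEYS outside KEX (assumed fatal)")


def deliver(src, dst):
    """Hand every queued message from src to dst, in order."""
    while src.outbox:
        dst.receive(src.outbox.pop(0))


def rekey(simultaneous):
    """Run one re-exchange; if simultaneous, both peers start it at once.
    Returns (A, B) after both directions have exchanged NEWKEYS."""
    a, b = Party("A"), Party("B")
    a.send(SSH_MSG_KEXINIT)
    if simultaneous:
        b.send(SSH_MSG_KEXINIT)   # collision: B starts before seeing A's KEXINIT
    deliver(a, b)
    deliver(b, a)
    a.send(30); deliver(a, b)     # e.g. KEXDH_INIT
    b.send(31); deliver(b, a)     # e.g. KEXDH_REPLY
    a.send(SSH_MSG_NEWKEYS)       # A's transmitter is done ...
    a.send(SSH_MSG_CHANNEL_DATA)  # ... so it may send data again
    deliver(a, b)                 # B sees NEWKEYS first, then the data: fine
    b.send(SSH_MSG_NEWKEYS); deliver(b, a)
    return a, b


def kexinit_count(simultaneous):
    """Total KEXINIT messages sent by both peers in one re-exchange."""
    a, b = rekey(simultaneous)
    return a.sent.count(SSH_MSG_KEXINIT) + b.sent.count(SSH_MSG_KEXINIT)


def data_during_kex_is_fatal():
    """A non-KEX message while the receiver is in KEX state must be fatal."""
    a, b = Party("A"), Party("B")
    a.send(SSH_MSG_KEXINIT); deliver(a, b)
    try:
        b.receive(SSH_MSG_CHANNEL_DATA)
    except ProtocolError:
        return True
    return False


if __name__ == "__main__":
    print("KEXINITs, one initiator:", kexinit_count(False))
    print("KEXINITs, simultaneous:", kexinit_count(True))
    print("data during KEX fatal:", data_during_kex_is_fatal())
```

Both scenarios end with exactly two KEXINIT messages on the wire, which is what the phrasing "if its transmitter isn't already in key exchange state" buys over the original "except when the received SSH_MSG_KEXINIT already was a reply": the decision depends only on local state, not on guessing whether the peer's KEXINIT was a reply.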