Re: SSH in ECC Internet Draft

To: sommerfeld%sun.com@localhost
Subject: Re: SSH in ECC Internet Draft
From: Ben Harris <bjh21%bjh21.me.uk@localhost>
Date: Tue, 10 Oct 2006 19:07:02 +0100

In article <1160499087.4380.11.camel@thunk> you write:
>On Tue, 2006-10-10 at 11:17 -0500, Nicolas Williams wrote:
>> On Wed, Oct 11, 2006 at 01:52:24AM +1000, Damien Miller wrote:
>> > IMO that (some) ECC libraries happen to use ASN.1 is not a good reason
>> > to use it as protocol element.
>> 
>> The draft defines one ASN.1 type ('curves', a SEQUENCE of OIDs) where
>> existing SSHv2 constructs could be used instead.  The draft's other uses
>> of ASN.1/DER do not require an implementation of SSHv2 to implement
>> ASN.1/DER outside ECC libraries, but this one type does.
>
>actually, it looks to me like there may be a deeper problem: the same
>"two level negotiation" issue which affected the gssapi key exchange.
>
>I think you need to define a family of ssh key exchanges, one per
>defined "curve", so that two implementations which support
>noninteresecting sets of ECC curves but also support other KEX
>mechanisms can find other common mechanisms.

Um, implementations aren't allowed to support non-intersecting sets of 
curves, since Appendix A.1 requires all implementations to support four 
standard curves.

-- 
Ben Harris

Follow-Ups:
- Re: SSH in ECC Internet Draft
  - From: Joseph Galbraith

References:
- SSH in ECC Internet Draft
  - From: Jon Green
- Re: SSH in ECC Internet Draft
  - From: Nicolas Williams
- Re: SSH in ECC Internet Draft
  - From: Bill Sommerfeld

Prev by Date: Re: SSH in ECC Internet Draft
Next by Date: Re: SSH in ECC Internet Draft
Previous by Thread: Re: SSH in ECC Internet Draft
Next by Thread: Re: SSH in ECC Internet Draft
Indexes:

Home | Main Index | Thread Index | Old Index