Fwd: [Cryptography] Why aren’t we using SSH for everything?
grarpamp
grarpamp at gmail.com
Mon Jan 5 19:38:41 EST 2015
There were a few notes in this thread that may indicate
open areas for development. I forward merely as FYI.
http://www.metzdowd.com/pipermail/cryptography/2015-January/024231.html
---------- Forwarded message ----------
From: Peter Gutmann <pgut001 at cs.auckland.ac.nz>
Date: Sun, Jan 4, 2015 at 9:29 PM
Subject: Re: [Cryptography] Why aren’t we using SSH for everything?
To: calestyo at scientia.net, pgut001 at cs.auckland.ac.nz
Cc: cryptography at metzdowd.com
Christoph Anton Mitterer <calestyo at scientia.net> writes:
>On Sun, 2015-01-04 at 18:54 +1300, Peter Gutmann wrote:
>> TLS finally fixed this after a year-long battle to get the change accepted. I
>> also suggested it to the SSH folks but they weren't interested, and after the
>> fight it took to get it into TLS I just didn't have the energy to go through
>> the same thing for SSH.
>
>$ ssh -Q mac | grep etm
>hmac-sha1-etm at openssh.com
>hmac-sha1-96-etm at openssh.com
>hmac-sha2-256-etm at openssh.com
>hmac-sha2-512-etm at openssh.com
>hmac-md5-etm at openssh.com
>hmac-md5-96-etm at openssh.com
>hmac-ripemd160-etm at openssh.com
>umac-64-etm at openssh.com
>umac-128-etm at openssh.com
I've done the same thing, but the problem is that a bunch of (probably)
incompatible vendor-specific extensions doesn't profit the community as a
whole. If anyone from OpenSSH would like to get in touch, we can (a) see if
what we're doing is interoperable and (b) document it in an RFC for general
adoption.
Peter.
_______________________________________________
The cryptography mailing list
cryptography at metzdowd.com
http://www.metzdowd.com/mailman/listinfo/cryptography
More information about the openssh-unix-dev
mailing list