Ondřej Surý
2011-Jul-28 17:49 UTC
Support for ECDSA and SHA-2 (SHA-256) in the SSHFP record
Hi,

I was sure I sent this to openssh at openssh.com, but cannot find that email now in my Sent mailbox, so I am sending it to the developers list.

I took a liberty and wrote an I-D with accompanying patch (with contributions from Ondrej Caletka) to support ECDSA in the SSHFP DNS resource record.

The I-D is here: https://tools.ietf.org/html/draft-os-ietf-sshfp-ecdsa-sha2 (and the source XML here: https://git.nic.cz/redmine/projects/ietf/repository/revisions/master/changes/draft-os-ietf-sshfp-ecdsa-sha2-00.xml)

The patch to vanilla 5.8 here: https://git.nic.cz/redmine/projects/ietf/repository/revisions/master/changes/ssh-sshfp-ecdsa.patch

Please Cc: me as I am not (and don't intend to be) subscribed to the list. I will check the archives occasionally, but Cc: would be appreciated.

Thanks,
O.
--
Ondřej Surý
vedoucí výzkumu/Head of R&D department
-------------------------------------------
CZ.NIC, z.s.p.o. -- Laboratoře CZ.NIC
Americka 23, 120 00 Praha 2, Czech Republic
mailto:ondrej.sury at nic.cz http://nic.cz/
tel:+420.222745110 fax:+420.222745112
-------------------------------------------
Damien Miller
2011-Jul-30 18:21 UTC
Support for ECDSA and SHA-2 (SHA-256) in the SSHFP record
Thanks for starting work on this - SSHFP records for ECDSA keys were on my TODO list, but I haven't yet got around to them.

I briefly skimmed your draft - one question I have is whether it is better to roll up all the ECDSA key types under one SSHFP RR type. It would be quite ugly to have to allocate SSHFP RR type numbers for each possible ECDSA curve type, but using a single one might make exploitation of SHA256 preimage attacks easier. The latter is a theoretical concern, so I think a single RR type is probably correct.

It would probably be best to continue discussion of this on the IETF SSH list.

-d

On Thu, 28 Jul 2011, Ondřej Surý wrote:
> Hi,
>
> I was sure I sent this to openssh at openssh.com, but cannot find that email now in my Sent mailbox, so I am sending it to the developers list.
>
> I took a liberty and wrote an I-D with accompanying patch (with contributions from Ondrej Caletka) to support ECDSA in the SSHFP DNS resource record.
>
> The I-D is here: https://tools.ietf.org/html/draft-os-ietf-sshfp-ecdsa-sha2 (and the source XML here: https://git.nic.cz/redmine/projects/ietf/repository/revisions/master/changes/draft-os-ietf-sshfp-ecdsa-sha2-00.xml)
>
> The patch to vanilla 5.8 here: https://git.nic.cz/redmine/projects/ietf/repository/revisions/master/changes/ssh-sshfp-ecdsa.patch
>
> Please Cc: me as I am not (and don't intend to be) subscribed to the list. I will check the archives occasionally, but Cc: would be appreciated.
>
> Thanks,
> O.
> --
> Ondřej Surý
> vedoucí výzkumu/Head of R&D department
> -------------------------------------------
> CZ.NIC, z.s.p.o. -- Laboratoře CZ.NIC
> Americka 23, 120 00 Praha 2, Czech Republic
> mailto:ondrej.sury at nic.cz http://nic.cz/
> tel:+420.222745110 fax:+420.222745112
> -------------------------------------------
>
> _______________________________________________
> openssh-unix-dev mailing list
> openssh-unix-dev at mindrot.org
> https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev
>
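To make concrete what the draft and the reply above are discussing, here is an added example (not the patch from the thread and not OpenSSH's own code) that builds an SSHFP record for an OpenSSH public key and checks a presented host key against a set of SSHFP records the way a DNS-aware client would. It uses the number assignments that the finished RFC 6594 made for this draft (algorithm 3 = ECDSA for all curves, fingerprint type 2 = SHA-256) alongside the RFC 4255 values (1 = RSA, 2 = DSA, fingerprint type 1 = SHA-1); the sample key blob is constructed in SSH wire format with a placeholder point, since the fingerprint is computed over the encoded blob and the example never does curve arithmetic. Note that with a single algorithm number the curve is not carried in the RR itself but only inside the hashed blob, which is exactly the trade-off raised above.

```python
import base64
import hashlib
import hmac
import struct

# SSHFP algorithm numbers: 1 = RSA, 2 = DSA (RFC 4255);
# 3 = ECDSA for every curve (RFC 6594, the published form of this draft).
SSHFP_ALGORITHM = {
    "ssh-rsa": 1,
    "ssh-dss": 2,
    "ecdsa-sha2-nistp256": 3,
    "ecdsa-sha2-nistp384": 3,
    "ecdsa-sha2-nistp521": 3,
}
# SSHFP fingerprint types: 1 = SHA-1 (RFC 4255), 2 = SHA-256 (RFC 6594).
SSHFP_HASH = {1: hashlib.sha1, 2: hashlib.sha256}


def ssh_string(data: bytes) -> bytes:
    """Encode an SSH wire-format string: 4-byte big-endian length + bytes."""
    return struct.pack(">I", len(data)) + data


def parse_public_key_line(line: str):
    """Split an OpenSSH public key line into (key type, decoded wire blob)."""
    keytype, b64 = line.split()[:2]
    blob = base64.b64decode(b64)
    # The first string inside the blob must repeat the key type.
    (n,) = struct.unpack(">I", blob[:4])
    if blob[4:4 + n].decode("ascii") != keytype:
        raise ValueError("key type in blob does not match the line")
    return keytype, blob


def fingerprint(blob: bytes, fptype: int) -> str:
    """Hex SSHFP fingerprint: hash of the whole public key blob."""
    return SSHFP_HASH[fptype](blob).hexdigest()


def sshfp_record(owner: str, line: str, fptype: int = 2) -> str:
    """Presentation-format SSHFP RR, as 'ssh-keygen -r' style output."""
    keytype, blob = parse_public_key_line(line)
    alg = SSHFP_ALGORITHM[keytype]
    return f"{owner} IN SSHFP {alg} {fptype} {fingerprint(blob, fptype)}"


def verify_host_key(line: str, records) -> bool:
    """True if any (alg, fptype, hex) record matches the presented key.

    Only records whose algorithm number and fingerprint type are understood
    are considered; the digest comparison is constant-time.
    """
    keytype, blob = parse_public_key_line(line)
    alg = SSHFP_ALGORITHM.get(keytype)
    if alg is None:
        return False
    for r_alg, r_fptype, r_fp in records:
        if r_alg != alg or r_fptype not in SSHFP_HASH:
            continue
        if hmac.compare_digest(fingerprint(blob, r_fptype), r_fp.lower()):
            return True
    return False


def _constructed_key_line() -> str:
    """Constructed ecdsa-sha2-nistp256 key line with a placeholder point.

    The point bytes are not a valid curve point; they only give the
    fingerprint something deterministic to hash (constructed sample).
    """
    point = b"\x04" + bytes(range(1, 65))
    blob = (ssh_string(b"ecdsa-sha2-nistp256")
            + ssh_string(b"nistp256")
            + ssh_string(point))
    return "ecdsa-sha2-nistp256 " + base64.b64encode(blob).decode() + " constructed@example"


SAMPLE_KEY_LINE = _constructed_key_line()

if __name__ == "__main__":
    rr = sshfp_record("host.example.com.", SAMPLE_KEY_LINE)
    print(rr)
    alg, fptype, fp = rr.split()[3:6]
    print("verifies:", verify_host_key(SAMPLE_KEY_LINE, [(int(alg), int(fptype), fp)]))
```

A mismatched algorithm number, an unknown fingerprint type, or a digest that does not match all cause `verify_host_key` to reject, which is the behaviour a client needs so that an unexpected record cannot be treated as confirmation of a key.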