The IANA has pre-allocated id 4 for ed25519. If waiting on the IANA were a reason to delay applying the SSHFP_KEY_ED25519 patch, it needn't be any longer. I've proposed un-reserving hash type 0 to be a "NULL hash", for those who'd rather publish the public key unhashed. Even if zero for unhashed fails to gain traction, I hope to see something allocated for that. But support for 4/1 ed25519/sha256 in the registry is a go.>From the xml:<record date="2014-05-09"> <value>4</value> <description>ED25519 (TEMPORARY - expires 2015-05-09)</description> <xref type="draft" data="draft-moonesamy-sshfp-ed25519"/> </record> That'll be updated once the draft is published as an rfc. -JimC -- James Cloos <cloos at jhcloos.com> OpenPGP: 0x997A9F17ED7DAEA6
On Wed, May 14, 2014 at 02:13:19PM -0400, James Cloos wrote:> The IANA has pre-allocated id 4 for ed25519. > > If waiting on the IANA were a reason to delay applying the > SSHFP_KEY_ED25519 patch, it needn't be any longer.Hi. Thanks for the update. I don't believe the plan was to wait for IANA any longer (e.g. http://www.openbsd.org/cgi-bin/cvsweb/src/usr.bin/ssh/dns.c.diff?r1=1.29;r2=1.30). So, it's probably safe to assume it'll be available on 6.7. --mancha -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 819 bytes Desc: not available URL: <http://lists.mindrot.org/pipermail/openssh-unix-dev/attachments/20140514/ba4ac75a/attachment.bin>