grarpamp
2015-Jan-05 08:38 UTC
Fwd: [Cryptography] Why aren’t we using SSH for everything?
There were a few notes in this thread that may indicate open areas for development. I forward merely as FYI. http://www.metzdowd.com/pipermail/cryptography/2015-January/024231.html ---------- Forwarded message ---------- From: Peter Gutmann <pgut001 at cs.auckland.ac.nz> Date: Sun, Jan 4, 2015 at 9:29 PM Subject: Re: [Cryptography] Why aren?t we using SSH for everything? To: calestyo at scientia.net, pgut001 at cs.auckland.ac.nz Cc: cryptography at metzdowd.com Christoph Anton Mitterer <calestyo at scientia.net> writes:>On Sun, 2015-01-04 at 18:54 +1300, Peter Gutmann wrote: >> TLS finally fixed this after a year-long battle to get the change accepted. I >> also suggested it to the SSH folks but they weren't interested, and after the >> fight it took to get it into TLS I just didn't have the energy to go through >> the same thing for SSH. > >$ ssh -Q mac | grep etm >hmac-sha1-etm at openssh.com >hmac-sha1-96-etm at openssh.com >hmac-sha2-256-etm at openssh.com >hmac-sha2-512-etm at openssh.com >hmac-md5-etm at openssh.com >hmac-md5-96-etm at openssh.com >hmac-ripemd160-etm at openssh.com >umac-64-etm at openssh.com >umac-128-etm at openssh.comI've done the same thing, but the problem is that a bunch of (probably) incompatible vendor-specific extensions doesn't profit the community as a whole. If anyone from OpenSSH would like to get in touch, we can (a) see if what we're doing is interoperable and (b) document it in an RFC for general adoption. Peter. _______________________________________________ The cryptography mailing list cryptography at metzdowd.com http://www.metzdowd.com/mailman/listinfo/cryptography
Damien Miller
2015-Jan-05 23:58 UTC
Re: Fwd: [Cryptography] Why aren’t we using SSH for everything?
All our protocol extensions are documented in PROTOCOL.* in our source. Other open-source implementations have adopted some of our extensions (e.g. OpenSSH certificates in Go's x/crypto/ssh, chacha20-poly1305 in tinyssh) and we have adopted extensions from other open-source implementations (e.g. curve25519-sha256 at libssh.org). I've kinda given up trying to write things up for the IETF. It's dominated by commerical vendors and people with more inclination to argue on mailing lists than write good software (cf. the sftp process). -d On Mon, 5 Jan 2015, grarpamp wrote:> There were a few notes in this thread that may indicate > open areas for development. I forward merely as FYI. > > http://www.metzdowd.com/pipermail/cryptography/2015-January/024231.html > > ---------- Forwarded message ---------- > From: Peter Gutmann <pgut001 at cs.auckland.ac.nz> > Date: Sun, Jan 4, 2015 at 9:29 PM > Subject: Re: [Cryptography] Why aren?t we using SSH for everything? > To: calestyo at scientia.net, pgut001 at cs.auckland.ac.nz > Cc: cryptography at metzdowd.com > > Christoph Anton Mitterer <calestyo at scientia.net> writes: > >On Sun, 2015-01-04 at 18:54 +1300, Peter Gutmann wrote: > >> TLS finally fixed this after a year-long battle to get the change accepted. I > >> also suggested it to the SSH folks but they weren't interested, and after the > >> fight it took to get it into TLS I just didn't have the energy to go through > >> the same thing for SSH. > > > >$ ssh -Q mac | grep etm > >hmac-sha1-etm at openssh.com > >hmac-sha1-96-etm at openssh.com > >hmac-sha2-256-etm at openssh.com > >hmac-sha2-512-etm at openssh.com > >hmac-md5-etm at openssh.com > >hmac-md5-96-etm at openssh.com > >hmac-ripemd160-etm at openssh.com > >umac-64-etm at openssh.com > >umac-128-etm at openssh.com > > I've done the same thing, but the problem is that a bunch of (probably) > incompatible vendor-specific extensions doesn't profit the community as a > whole. If anyone from OpenSSH would like to get in touch, we can (a) see if > what we're doing is interoperable and (b) document it in an RFC for general > adoption. > > Peter. > _______________________________________________ > The cryptography mailing list > cryptography at metzdowd.com > http://www.metzdowd.com/mailman/listinfo/cryptography > _______________________________________________ > openssh-unix-dev mailing list > openssh-unix-dev at mindrot.org > https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev >
Scott Neugroschl
2015-Jan-06 00:29 UTC
RE: Fwd: [Cryptography] Why aren’t we using SSH for everything?
Damien, What is the best document to use for documentation on SFTP? In other words, if I want to build an SFTP client library based on libssh.a, is there documentation about the series of messages I need to send over the wire? Thanks, ScottN -----Original Message----- From: openssh-unix-dev [mailto:openssh-unix-dev-bounces+scott_n=xypro.com at mindrot.org] On Behalf Of Damien Miller Sent: Monday, January 05, 2015 3:58 PM To: grarpamp Cc: openssh-unix-dev at mindrot.org Subject: Re: Fwd: [Cryptography] Why aren?t we using SSH for everything? All our protocol extensions are documented in PROTOCOL.* in our source. Other open-source implementations have adopted some of our extensions (e.g. OpenSSH certificates in Go's x/crypto/ssh, chacha20-poly1305 in tinyssh) and we have adopted extensions from other open-source implementations (e.g. curve25519-sha256 at libssh.org). I've kinda given up trying to write things up for the IETF. It's dominated by commerical vendors and people with more inclination to argue on mailing lists than write good software (cf. the sftp process). -d On Mon, 5 Jan 2015, grarpamp wrote:> There were a few notes in this thread that may indicate open areas for > development. I forward merely as FYI. > > http://www.metzdowd.com/pipermail/cryptography/2015-January/024231.htm > l > > ---------- Forwarded message ---------- > From: Peter Gutmann <pgut001 at cs.auckland.ac.nz> > Date: Sun, Jan 4, 2015 at 9:29 PM > Subject: Re: [Cryptography] Why aren?t we using SSH for everything? > To: calestyo at scientia.net, pgut001 at cs.auckland.ac.nz > Cc: cryptography at metzdowd.com > > Christoph Anton Mitterer <calestyo at scientia.net> writes: > >On Sun, 2015-01-04 at 18:54 +1300, Peter Gutmann wrote: > >> TLS finally fixed this after a year-long battle to get the change > >> accepted. I also suggested it to the SSH folks but they weren't > >> interested, and after the fight it took to get it into TLS I just > >> didn't have the energy to go through the same thing for SSH. > > > >$ ssh -Q mac | grep etm > >hmac-sha1-etm at openssh.com > >hmac-sha1-96-etm at openssh.com > >hmac-sha2-256-etm at openssh.com > >hmac-sha2-512-etm at openssh.com > >hmac-md5-etm at openssh.com > >hmac-md5-96-etm at openssh.com > >hmac-ripemd160-etm at openssh.com > >umac-64-etm at openssh.com > >umac-128-etm at openssh.com > > I've done the same thing, but the problem is that a bunch of > (probably) incompatible vendor-specific extensions doesn't profit the > community as a whole. If anyone from OpenSSH would like to get in > touch, we can (a) see if what we're doing is interoperable and (b) > document it in an RFC for general adoption. > > Peter. > _______________________________________________ > The cryptography mailing list > cryptography at metzdowd.com > http://www.metzdowd.com/mailman/listinfo/cryptography > _______________________________________________ > openssh-unix-dev mailing list > openssh-unix-dev at mindrot.org > https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev >_______________________________________________ openssh-unix-dev mailing list openssh-unix-dev at mindrot.org https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev