The IESG has approved the following document:
- 'Key Exchange (KEX) Method Updates and Recommendations for Secure Shell (SSH)'
  (draft-ietf-curdle-ssh-kex-sha2-20.txt) as Proposed Standard

This document is the product of the CURves, Deprecating and a Little more Encryption Working Group.

The IESG contact persons are Benjamin Kaduk and Roman Danyliw.

A URL of this Internet Draft is:
https://datatracker.ietf.org/doc/draft-ietf-curdle-ssh-kex-sha2/

Technical Summary

This document is intended to update the recommended set of key exchange methods for use in the Secure Shell (SSH) protocol to meet evolving needs for stronger security. This document updates RFCs 4250, 4253, 4432, and 4462.

Working Group Summary

The proposed recommendations have been discussed on the mailing list and in sessions during the IETF in Seoul. Additional changes were made based on subsequent discussion, including AD and directorate reviews, but all the changes were amply discussed in the WG.

Document Quality

The document provides recommendations; as such, implementations are mostly related to the new methods defined in curdle. New key exchange methods will use the SHA-2 family of hashes and are drawn from these ssh-curves from [I-D.ietf-curdle-ssh-curves] and new-modp from the [RFC82682] and gss-keyex [I-D.ietf-curdle-gss-keyex-sha2]. All of the key-exchange mechanisms described have multiple implementations.

Personnel

The document shepherd is Daniel Migault. The responsible AD is Benjamin Kaduk.

RFC Editor Note

Please remove the duplicated phrase """with the suggested implementation guidance provided in section 4 "Summary Guidance for Key Exchange Method Names Implementation" in this document.""" from the IANA considerations.

Please also replace "4000" with the more conventional "4096" in Section 3.2.1.
