Chris Ridd <[email protected]> wrote: > On 31 Aug 2015, at 18:44, Alex Wilson <[email protected]> wrote: >> * They have already given people an alternative path forwards (ECDSA) > > The problem with this is practical - some vendors (Apple is one, possibly > there are others) disable ecdsa in their bundled ssh tools. I did read > this was potentially due to patent concerns, but that may be untrue.
I find this intensely curious, as Apple are heavy users of ECDSA thoughout the iOS ecosystem, in particular in iMessage and the application signing infrastructure. Also they leave the algorithm enabled in all of their OpenSSL builds and even provide API wrappers for it. In any case, the deprecation of plain DSA is a decision being made by upstream OpenSSH, not by us. You should probably take it up on the openssh-unix-dev list if you want to raise these concerns or have further discussion about it. For now we are dealing with it by backing out their change and re-enabling DSA by default in our builds. Whether we can continue to do that indefinitely is another discussion altogether (and depends on predicting the future, so who knows). > Is rsa still a reasonable algorithm to use with ssh? I believe it is, provided you use sufficiently large keys (at least 2048 bits seems to be the recommendation, but quite a number of people are preferring 4096-bit) and both parties are using a modern SSH version with strong hashes rather than MD5 or SHA1. ------------------------------------------- smartos-discuss Archives: https://www.listbox.com/member/archive/184463/=now RSS Feed: https://www.listbox.com/member/archive/rss/184463/25769125-55cfbc00 Modify Your Subscription: https://www.listbox.com/member/?member_id=25769125&id_secret=25769125-7688e9fb Powered by Listbox: http://www.listbox.com
