[07:00:42] --- alexeymelnikov has joined
[14:13:34] --- hartmans has joined
[14:19:00] --- jhutz has joined
[14:19:02] --- michael has joined
[14:19:44] --- lha has joined
[14:19:56] --- perry has joined
[14:20:01] <jhutz> OK; I'll try to comment; the others watching should contribute what I miss
[14:20:02] <michael> Currently on the slides: Agenda: iV/Agenda bashing/bluesheets notetaker, jabber....
[14:20:06] <michael> status of core drafts
[14:20:08] <michael> status of other drafts
[14:20:11] <michael> core draft open issues
[14:20:43] <jhutz> argh; it won't let me change the subject
[14:20:53] <jhutz> core drafts status - a bunch of comments from IESG
[14:20:55] <michael> editorial comments from the IESG on the core documents.
[14:20:58] <michael> hehe
[14:21:10] <jhutz> many are merely editorial; fixed in transport-17. A few need more attention...
[14:21:29] <jhutz> CHAIR: Issue tracking...
[14:21:33] <michael> slide: issue Tracking
[14:21:45] <michael> picked RT as run by Rnady Bush/Rob Austien
[14:21:48] <jhutz> CHAIR: We have issue tracking set up using RT at https://rt.psg.com.
[14:21:49] <michael> https://rt.psg.com
[14:21:55] * michael stops
[14:22:07] <jhutz> CHAIR: anonymous access login as user 'ietf' password 'ietf'
[14:22:24] <jhutz> CHAIR: document authors/contributors/etc, contact chair for write access
[14:22:32] <jhutz> SLIDE: general nits for all drafts:
[14:22:40] <jhutz> - references splits (normative/non-normaitve)
[14:22:44] <jhutz> - secuirty considerations
[14:22:48] <jhutz> - IANA considerations
[14:22:57] <jhutz> - ID-nits http://www.ietf.org/ID-nits.html
[14:23:11] <jhutz> - IPR refereces (including TM), if made, need to follow RFC2026
[14:23:21] <jhutz> SLIDE: core drafts:
[14:23:25] <jhutz> - reissued after vienna
[14:23:34] <jhutz> - returned from IESG with big pile of nits
[14:23:41] <jhutz> - most editroial; a few warrant discussion
[14:23:58] <jhutz> SLIDE: draft-ietf-secsh-dns-04.txt
[14:24:11] <jhutz> - approved by IESG, in RFC-editor queue; RRtype assigned
[14:24:22] <jhutz> (current presenter is still the chair)
[14:24:30] <michael> that RR is for the host's key right
[14:24:39] <jhutz> SLIDE: extensions drafts status
[14:24:42] <jhutz> I believe so
[14:24:54] <jhutz> - keyboard-interactive: reviews by IESG; respin needed
[14:25:10] <jhutz> - DH group exchange - handed off to IESG
[14:25:19] <jhutz> SLIDE: in WG last call:
[14:25:29] <jhutz> - draft-ietf-secsh-publickeyfile-03.txt
[14:25:34] <jhutz> - draft-ietf-secsh-break-01.txt
[14:25:42] <jhutz> - draft-ietf-secsh-newmodes-01.txt (new crypto modes)
[14:25:44] <michael> good... (the idea of user keys in DNS really bothers me...)
[14:25:49] <jhutz> (me too)
[14:26:09] <jhutz> [did someone get what bill just said?]
[14:26:21] <jhutz> SLIDE: in need of revision
[14:26:28] <jhutz> - draft-ietf-secsh-gsskeyex-07.txt
[14:26:35] <jhutz> - needs security considerations
[14:26:45] <jhutz> SLIDE: expired; need revision and reissue:
[14:26:48] <jhutz> - agend forwarding
[14:26:52] <jhutz> - SSH fingerprint format
[14:26:55] <jhutz> - file transfer
[14:26:58] <michael> is there an SSH uri scheme document?
[14:27:01] <jhutz> s/agend/agent
[14:27:32] <michael> ahh... there it is
[14:28:33] <jhutz> draft-ietf-secsh-publickey-subsystem-00.txt
[14:28:33] <jhutz> - public key subsystem
[14:28:33] <jhutz> SLIDE: new documents; need attention:
[14:28:33] <jhutz> [I'm confused; oh; nevermind; it's on the next slide]
[14:28:48] <jhutz> - draft-ietf-secsh-scp-sftp-ssh-uri-00.txt
[14:29:07] <jhutz> URI formats for SCP/SFTP/SSH; the thing michael was asking about
[14:29:22] <jhutz> CHAIR: there's clear demand for this; he has some clues for how to get URI
[14:29:28] <jhutz> documents reviewed.
[14:29:33] <jhutz> CHAIR: this is a WG work item
[14:30:05] <jhutz> one of the authors pointed out there is a new version in the pipe
[14:30:24] <jhutz> SLIDE: transport draft issues (non-controversial):
[14:30:39] <jhutz> - 3DES, AES listed as non-normative; they need to be normative
[14:30:52] <jhutz> SLIDE: transport draft issues (discussion):
[14:30:55] <jhutz> - group sizes
[14:31:02] <jhutz> - CRLF vs LF in initial version string
[14:31:18] <jhutz> - 3DES isn't not 128 bits
[14:31:23] <jhutz> - different algorithms in each direction
[14:31:34] <jhutz> - want clarification on "implicit server authentication"
[14:31:57] <jhutz> SLIDE: userauth draft issues (discussion):
[14:32:00] <jhutz> - default login timeouts
[14:32:04] <jhutz> - i18n of passwords
[14:32:50] <jhutz> [who's here but not in the room?]
[14:33:04] <jhutz> CHAIR: i18n of passwords...
[14:34:00] <jhutz> UTF8 vs binary string for passwords resolved some years ago. exactly how passwords are compared/matched/etc tends to be server-system-specific, so the server is the place to do string preparation, normailization,etc; a binary compare may not be good enough
[14:34:51] <jhutz> ... because of this, forcing the client to do transformation is likely to be a losing battle. So, the document says client will encode as UTF-8, and the server will do whatever is needed to get a usable password out of that. Yes, this is messy, but the WG weighed the options and decided some time ago this was the best answer.
[14:35:07] <jhutz> SLIDE: transport issue - groups:
[14:35:24] <jhutz> - currently only one group, oakley gorup 1; effecitve strength ~80bits
[14:35:58] <michael> can anyone tell if the URI document authors are in the room?
[14:36:19] <jhutz> CHAIR: rather than delay further trying to decide what else to define, just add a security consideration telling people this is an issue and saying to watch for future documents (particularly dh-group-exchange)
[14:36:21] <hartmans> What is the implications of this for gss-keyex? Do we need to add group negotiation?
[14:36:28] <jhutz> yes; I think one of them is sitting in the row behind me
[14:36:38] <jhutz> SLIDE: transport issue - version line termination
[14:37:18] <jhutz> CHAIR: asks for a sanity check on the solution proposed on the list
[14:37:30] <jhutz> [ if someone has a comment on that, please speak up]
[14:37:43] <jhutz> SLIDE: transport issue - 3DES effective strength
[14:37:55] <jhutz> - doc says REQUIRED algorithms must be > 128 bit strength
[14:38:07] <jhutz> - 3des is subject to 2^112 time + 2^112 storage meet-in-middle attack
[14:38:18] <jhutz> - proposed: grandfather 3DES and move on
[14:38:35] <jhutz> CHAIR: proposed make AES mandatory; would like to hear from anyone who thinks this would be a hardship
[14:38:44] <jhutz> SLIDE: transport issue - different algorithms in each direction
[14:38:55] <jhutz> (for example, RC4 in one direction, 3DES in the other)
[14:39:22] <jhutz> - pushback from Niels Miler - given established practice, this is rare, but should not be disallowed
[14:39:28] <jhutz> CHAIR: asks for other opinions
[14:39:47] <jhutz> hartmans, I don't know. should probably bring this up _again_ argh
[14:39:56] <jhutz> SLIDE: transport issue - implicit server auth:
[14:40:04] <jhutz> - need clarifying text
[14:42:17] <jhutz> Nico Williams: RECOMMEND but don't REQUIRE that client->server and server->client algorithm advertised lists
[14:43:08] <jhutz> back to implicit auth, current text is "Server authentication in the key exchange MAY be implicit. After a key exchange with implicit server authentication, the client MUST wait for response to its service request message before sending any further data."
[14:43:10] <hartmans> I don't see a problem having different algorithms in different directions
[14:45:46] --- perry has left: Disconnected
[14:46:21] <hartmans> Authenticating the server happens in all existing key exchanges
[14:46:29] <hartmans> jhutz - It is an optional property
[14:46:41] <hartmans> Much discussion of a wording issue in the spec
[14:47:06] <jhutz> SLIDE: "please send draft":
[14:47:13] <jhutz> - X.509/PKIX support - Steve Hanna
[14:47:18] <jhutz> - Line mode - Thor Simon
[14:47:27] <jhutz> - Performance analysis? - Bill Squier
[14:47:45] <jhutz> - anything else?
[14:47:53] <jhutz> CHAIR: requests comments from here
[14:49:11] <hartmans> foo
[14:49:11] <jhutz> alexey, that would be you :-)
[14:49:11] <michael> seems to be none
[14:51:29] <hartmans> Discussions about language negotiation
[14:51:50] <hartmans> jhutz - group size for gss-keyex
[14:51:59] <hartmans> same issue as transport draft
[14:52:48] <hartmans> russ wants us to be group agnostic; gss-keyex cannot current be
[14:54:40] <hartmans> Nico proposes we negotiate
[14:55:22] <hartmans> meeting done
[14:55:27] --- hartmans has left
[14:55:35] --- lha has left
[14:56:52] --- jhutz has left
[16:17:33] --- alexeymelnikov has left
[16:44:34] --- alexeymelnikov has joined
[16:45:04] --- alexeymelnikov has left