secsh@conference.ietf.jabber.com - 2003/03/19


[16:27] %% kmurchison has arrived.
[16:32] %% kmurchison has left.
[16:46] %% wcw has arrived.
[16:46] %% wcw has left.
[16:50] %% mls has arrived.
[16:50] %% mls has left.
[16:51] %% hartmans has arrived.
[16:54] %% warlord has arrived.
[16:55] %% kivinen has arrived.
[16:55] %% shep has arrived.
[16:57] %% shep has left.
[17:06] %% mrose has arrived.
[17:08] <warlord> So, comments from the meeting?
[17:10] <kivinen> currently going through the upcoming draft-ietf-secsh-newmodes-00.txt
[17:11] %% hartmans has left.
[17:11] <kivinen> questions from the draft: do we require padding for counter mode. (nobody required to have padding), how to enforce rekey after 2**32 packets (receiver starts rekey when needs)
[17:11] <kivinen> 3) what ciphers with counter mode?
[17:13] %% hartmans has arrived.
[17:13] <hartmans> jhutz is discussing gssapi
[17:14] <kivinen> 3des SHOULD, aes MUST, others follow their cbc versions.
[17:14] <hartmans> Current version is 06 not 05 as claimed by slides
[17:14] <warlord> ok.
[17:15] <hartmans> Current version is 06 not 05 as claimed by slides// Changes made at Nico's request to handle gssapi error tokens
[17:15] <hartmans> You have both error tokens and the secsh layer error message
[17:16] <hartmans> Had to define another message to include the token and wait for the error.
[17:16] <hartmans> Is this OK?
[17:17] <hartmans> Another problem: Should GSS do group exchange?
[17:18] <warlord> It makes sense to me.
[17:18] <hartmans> Bill: How long would it take?
[17:18] <hartmans> jhutz: Not sure how much of dh group exchange I can take.
[17:18] <hartmans> Bill: Get back to us with a time estimate
[17:19] %% kmurchison has arrived.
[17:19] <hartmans> hartmans: asks about oid fix
[17:19] <hartmans> The ssh gss userauth method provides a bunch of oids. One party tells the other what oids are possible
[17:20] %% kmurchison has left.
[17:20] <hartmans> The draft provides a particular encoding of the ASN1 DER of the OID
[17:20] <hartmans> insufficiently precise. Some people assumed it included a tag and length
[17:20] <hartmans> Other people assumed it was only the data in the tag
[17:21] <hartmans> we picked a method and specified it. Not all vendors have picked up on the change
[17:21] <hartmans> Joseph: sxw didn't have time to port his patch; he will correct for OpenSSH 3.6
[17:22] <hartmans> hartmans: If there is not a pressing need for DH group exchange do we want to throw something in the mix if people won't implement it?
[17:23] <hartmans> joseph: Not a whole lot of work to roll that in.
[17:25] <hartmans> discussing public key subsystem draft. Bill concerned about apathy.
[17:36] <hartmans> done
[17:37] %% kivinen has left.
[17:37] <warlord> cool. Come to pana!
[17:39] %% warlord has left.
[17:53] %% hartmans has left.
[18:00] %% mrose has left.