INTERNET-DRAFT                                             Markus Friedl
draft-ietf-secsh-fingerprint-00.txt                  The OpenBSD Project
Expires in six months                                         March 2002

                         SSH Fingerprint Format

Status of this Memo

   This document is an Internet-Draft and is in full conformance with
   all provisions of Section 10 of RFC2026.

   Internet-Drafts are working documents of the Internet Engineering
   Task Force (IETF), its areas, and its working groups.  Note that
   other groups may also distribute working documents as
   Internet-Drafts.

   Internet-Drafts are draft documents valid for a maximum of six months
   and may be updated, replaced, or obsoleted by other documents at
   any time.  It is inappropriate to use Internet-Drafts as reference
   material or to cite them other than as "work in progress."

   The list of current Internet-Drafts can be accessed at
   http://www.ietf.org/ietf/1id-abstracts.txt

   The list of Internet-Draft Shadow Directories can be accessed at
   http://www.ietf.org/shadow.html.

   Distribution of this memo is unlimited.

Abstract

   This document formally documents the fingerprint format in use for
   verifying public keys from SSH clients and servers.

Introduction

   The security of the SSH protocols relies on the verification of
   public host keys.  Since public keys tend to be very large, it is
   difficult for a human to verify an entire host key.  Even with a PKI
   in place, it is useful to have a standard for exchanging short
   fingerprints of public keys.

   This document formally describes the simple key fingerprint format.

Fingerprint Format

   The fingerprint of a public key consists of the output of the MD5
   message-digest algorithm [RFC-1321].  The input to the algorithm is
   the public key blob as described in [SSH-TRANS].  The output of the
   algorithm is presented to the user as a sequence of 16 octets printed
   as hexadecimal with lowercase letters and separated by colons.

   For example: "c1:b1:30:29:d7:b8:de:6c:97:77:10:d7:46:41:63:87"

References

   [SSH-TRANS] Ylonen, T., et al: "SSH Transport Layer Protocol",
               Internet Draft, draft-secsh-transport-14.txt

   [RFC-1321]  R. Rivest: "The MD5 Message-Digest Algorithm", April 1992.

   [RFC-2026]  S. Bradner: "The Internet Standards Process -- Revision
               3", October 1996.

Author's Address:

   Markus Friedl
   markus@openbsd.org
   Munich, Germany
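
Added example, not part of the draft and not code from any SSH implementation: the computation described under "Fingerprint Format", applied to a key given as a `<type> <base64 blob> [comment]` line. That line layout, the assumption that the blob begins with an SSH string naming the key type (taken from the SSH transport specification, not stated in this draft), all function names, and the sample key are assumptions or constructed values.

```python
import base64
import hashlib
import re
import struct

# Presentation form from the draft: 16 lowercase hex octets joined by colons.
FINGERPRINT_RE = re.compile(r"[0-9a-f]{2}(?::[0-9a-f]{2}){15}")


def ssh_string(data: bytes) -> bytes:
    """Encode an SSH 'string': uint32 big-endian length, then the bytes."""
    return struct.pack(">I", len(data)) + data


def read_string(buf: bytes, offset: int = 0):
    """Decode one SSH 'string' at offset; return (data, next_offset)."""
    if len(buf) < offset + 4:
        raise ValueError("truncated length field")
    (length,) = struct.unpack_from(">I", buf, offset)
    end = offset + 4 + length
    if end > len(buf):
        raise ValueError("string runs past end of blob")
    return buf[offset + 4:end], end


def md5_fingerprint(blob: bytes) -> str:
    """MD5 over the raw public key blob, formatted as the draft specifies."""
    return ":".join(f"{octet:02x}" for octet in hashlib.md5(blob).digest())


def fingerprint_from_line(line: str) -> str:
    """Fingerprint a '<type> <base64 blob> [comment]' line (assumed layout)."""
    fields = line.split()
    if len(fields) < 2:
        raise ValueError("expected '<type> <base64 blob> [comment]'")
    blob = base64.b64decode(fields[1], validate=True)
    embedded_type, _ = read_string(blob)
    # Reject a line whose label disagrees with the key type inside the blob.
    if embedded_type != fields[0].encode("ascii"):
        raise ValueError("key type label does not match blob")
    return md5_fingerprint(blob)


# Constructed sample: toy "ssh-rsa" blob (e = 65537, made-up modulus bytes).
SAMPLE_BLOB = (ssh_string(b"ssh-rsa") + ssh_string(b"\x01\x00\x01")
               + ssh_string(b"\x00" + bytes(range(128, 192))))
SAMPLE_LINE = "ssh-rsa " + base64.b64encode(SAMPLE_BLOB).decode() + " constructed"

if __name__ == "__main__":
    print(fingerprint_from_line(SAMPLE_LINE))
```

The hash covers the decoded blob only; the type label and comment on the line are not part of the input, which is why the label is checked against the blob separately.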