idnits 2.17.1 draft-moonesamy-sshfp-ed25519-02.txt: Checking boilerplate required by RFC 5378 and the IETF Trust (see https://trustee.ietf.org/license-info): ---------------------------------------------------------------------------- No issues found here. Checking nits according to https://www.ietf.org/id-info/1id-guidelines.txt: ---------------------------------------------------------------------------- No issues found here. Checking nits according to https://www.ietf.org/id-info/checklist : ---------------------------------------------------------------------------- No issues found here. Miscellaneous warnings: ---------------------------------------------------------------------------- == The copyright year in the IETF Trust and authors Copyright Line does not match the current year -- The document date (August 31, 2014) is 3520 days in the past. Is this intentional? Checking references for intended status: Informational ---------------------------------------------------------------------------- == Missing Reference: 'TBD' is mentioned on line 99, but not defined == Missing Reference: 'RFCXXXX' is mentioned on line 99, but not defined Summary: 0 errors (**), 0 flaws (~~), 3 warnings (==), 1 comment (--). Run idnits with the --verbose option for more detailed information about the items above. -------------------------------------------------------------------------------- 2 INTERNET-DRAFT S. Moonesamy 3 Intended Status: Informational 4 Expires: March 4, 2015 August 31, 2014 6 Using ED25519 in SSHFP Resource Records 7 draft-moonesamy-sshfp-ed25519-02 9 Abstract 11 The Ed25519 signature algorithm has been implemented in OpenSSH. 12 This document updates the IANA "SSHFP RR Types for public key 13 algorithms" registry by adding an algorithm number for Ed25519. 15 Status of this Memo 17 This Internet-Draft is submitted to IETF in full conformance with the 18 provisions of BCP 78 and BCP 79. 20 Internet-Drafts are working documents of the Internet Engineering 21 Task Force (IETF), its areas, and its working groups. Note that 22 other groups may also distribute working documents as 23 Internet-Drafts. 25 Internet-Drafts are draft documents valid for a maximum of six months 26 and may be updated, replaced, or obsoleted by other documents at any 27 time. It is inappropriate to use Internet-Drafts as reference 28 material or to cite them other than as "work in progress." 30 The list of current Internet-Drafts can be accessed at 31 http://www.ietf.org/1id-abstracts.html 33 The list of Internet-Draft Shadow Directories can be accessed at 34 http://www.ietf.org/shadow.html 36 Copyright and License Notice 38 Copyright (c) 2014 IETF Trust and the persons identified as the 39 document authors. All rights reserved. 41 This document is subject to BCP 78 and the IETF Trust's Legal 42 Provisions Relating to IETF Documents 43 (http://trustee.ietf.org/license-info) in effect on the date of 44 publication of this document. Please review these documents 45 carefully, as they describe your rights and restrictions with respect 46 to this document. Code Components extracted from this document must 47 include Simplified BSD License text as described in Section 4.e of 48 the Trust Legal Provisions and are provided without warranty as 49 described in the Simplified BSD License. 51 1. Introduction 53 The Ed25519 [Ed25519] signature algorithm, specifically Ed25519-SHA- 54 512, has been implemented in OpenSSH. RFC 4255 [RFC4255] defines a 55 DNS resource record, "SSHFP", which can be used to publish a 56 fingerprint of the SSH server public key in the DNS. This document 57 updates the IANA "SSHFP RR Types for public key algorithms" registry 58 by adding an algorithm number for Ed25519 [Ed25519]. 60 2. ED25519 Public Key with SHA-256 Fingerprint 62 The SSHFP Resource Record for the ED25519 public key with SHA-256 63 fingerprint [FIPS180-4] would, for example, be: 65 ssh.example.com IN SSHFP [TBD] 2 ( a87f1b687ac0e57d2a081a2f2826723 66 34d90ed316d2b818ca9580ea384d924 67 01 ) 69 [RFC Editor Note: Please replace TBD with the value assigned by 70 IANA.] 72 The following body of the public key file was used as input to 73 generate the above fingerprint: 75 ssh-ed25519 76 AAAAC3NzaC1lZDI1NTE5AAAAIGPKSUTyz1HwHReFVvD5obVsALAgJRNarH4TRpNePnAS 78 The opaque octet string output produced is placed as-is in the RDATA 79 fingerprint field. 81 3. Security Considerations 83 The overall security of using SSHFP for SSH host key verification is 84 dependent on the security policies of the SSH host administrator and 85 DNS zone administrator (in transferring the fingerprint), detailed 86 aspects of how verification is done in the SSH implementation, and in 87 the client's diligence in accessing the DNS in a secure manner. 88 Please refer to RFC 4255 [RFC4255] for a discussion of the security 89 considerations. 91 4. IANA Considerations 93 IANA is requested to add the following entry to the "SSHFP RR Types 94 for public key algorithms" registry: 96 +--------+-------------+------------+ 97 | Value | Description | Reference | 98 +--------+-------------+------------+ 99 | [TBD] | ED25519 | [RFCXXXX] | 100 +--------+-------------+------------+ 102 [RFC Editor Note: Please replace TBD with the value assigned by IANA 103 and RFCXXXX to refer to this document.] 105 5. Acknowledgements 107 Some of the text in this document was written by Ondrej Sury. The 108 author would like to thank Damien Miller, Yoav Nir, and Paul Wouters 109 for their feedback. Rene Struik provided advice about the usage of 110 Ed25519. Stephen Farrell, as Security Area Director, reviewed the 111 code point request. 113 6. References 115 6.1. Normative References 117 [RFC4255] Schlyter, J. and W. Griffin, "Using DNS to Securely 118 Publish Secure Shell (SSH) Key Fingerprints", RFC 4255, 119 January 2006. 121 6.2. Informative References 123 [Ed25519] Bernstein, D. J., Lange T., Schwabe P., Yang B-Y., High- 124 Speed High-Security Signatures, Journal of Cryptographic 125 Engineering, Vol. 2, September 26, 2011 127 [FIPS180-4] National Institute of Standards and Technology, "Secure 128 Hash Standard (SHS)", FIPS PUB 180-4, March 2012, 129 . 132 Appendix A: Changes 134 [RFC Editor Note: Please remove this appendix] 136 A.1 Changes since version 00 138 o Text about usage policy removed from Section 2 140 o SHA-1 Fingerprint removed 142 A.2 Changes since version 01 144 o Appendix B lists the implementation status of the Ed25519 145 signature algorithm. 147 o Added an example in Section 2 of the public key file used to 148 generate the fingerprint. 150 Appendix B: Implementation Status 152 [RFC Editor Note: Please remove this appendix] 154 This section records the status of known implementations of the 155 signature algorithm referenced by this specification at the time of 156 posting of this Internet-Draft. 158 The Ed25519 signature algorithm, specifically Ed25519-SHA-512, has been 159 implemented in OpenSSH (http://www.openssh.org) and it is featured in 160 production version (http://www.openssh.com/txt/release-6.5). The 161 software is distributed under a BSD license. 163 The Ed25519 signature algorithm has also been implemented in Tera Term 164 (http://sourceforge.jp/ticket/browse.php?group_id=1412&tid=33263). The 165 software is distributed under a BSD license. 167 Authors' Addresses 169 S. Moonesamy 170 76, Ylang Ylang Avenue 171 Quatres Bornes 172 Mauritius 174 Email: sm+ietf@elandsys.com