From bounces-ietf-ssh-owner-secsh-tyoxbijeg7-archive=lists.ietf.org@NetBSD.org Fri Feb 02 09:59:57 2007
Message-ID: <BAY104-F274553A2846C527DA42431A49B0@phx.gbl>
From: "Frederik Pot" <frederikpot@hotmail.com>
To: ietf-ssh@netbsd.org
Subject: simple connection
Date: Fri, 02 Feb 2007 14:59:33 +0000

Hello,

I am Frederik Pot, 30 years old, and live in Holland.
I want to connect from a realbasic application (on windows) to my linux 
computer on port 22.
I set the firewall off and do a xhost + command on the linux machine.
Then I can connect by tcp on port 22 and see as return something like 
SSH-OPENSSH4.
So there is a sort of connection.........

Well for me it is difficult  to see what to do further......

Setting up a public key ...???

Can you give me some tips on how to communicate with this protocol..

Or is it too difficult  for a simple example ???

Thx for your time

Greetings ,

Frederik Pot





From bounces-ietf-ssh-owner-secsh-tyoxbijeg7-archive=lists.ietf.org@NetBSD.org Fri Feb 02 10:11:36 2007
From: der Mouse <mouse@Rodents.Montreal.QC.CA>
Message-Id: <200702021511.KAA15306@Sparkle.Rodents.Montreal.QC.CA>
Date: Fri, 2 Feb 2007 10:04:28 -0500 (EST)
To: ietf-ssh@NetBSD.org
Cc: Frederik Pot <frederikpot@hotmail.com>
Reply-To: ietf-ssh@NetBSD.org
Subject: Re: simple connection
In-Reply-To: <BAY104-F274553A2846C527DA42431A49B0@phx.gbl>
References: <BAY104-F274553A2846C527DA42431A49B0@phx.gbl>

> I want to connect from a realbasic application (on windows) to my
> linux computer on port 22.

> I set the firewall off and do a xhost + command on the linux machine.
> Then i can connect by tcp on port 22 and see as return something like
> SSH-OPENSSH4.
> So there is a sort of connection.........

Right...though "xhost +" has nothing whatever to do with this; X
permissions are completely independent of access to your ssh server.

> Well for me it is difficult  to see what to do further......

> Setting up a public key ...???

> Can you give me some tips on how to communicate with this protocol..

> Or is it too difficult  for a simple example ???

It's too complicated to describe briefly.  See RFCs 4250 through 4254;
they are the spec for the basic protocol.

It will be rather difficult to use ssh directly from BASIC.  Not
impossible, assuming your BASIC supports networking and operations on
binary data, but...well, put it this way: I wouldn't try unless someone
were paying me quite a lot - and that's speaking as someone who's
written an ssh client (not, of course, in BASIC).

Unless you have a good deal of cryptography support available built
into your BASIC system....

/~\ The ASCII				der Mouse
\ / Ribbon Campaign
 X  Against HTML	       mouse@rodents.montreal.qc.ca
/ \ Email!	     7D C8 61 52 5D E7 2D 39  4E F1 31 3E E8 B3 27 4B
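
What follows the banner described in the first message, as an added example (not code from any poster in this thread): after the identification line of RFC 4253 section 4.2, the server speaks length-prefixed binary packets, which is why support for binary data is a prerequisite. The server bytes below, including the OpenSSH_4.3 version string and the empty KEXINIT body, are constructed sample input.

```python
import struct

SSH_MSG_KEXINIT = 20   # RFC 4253 section 12
MAX_PACKET = 35000     # RFC 4253 6.1: total packet size every implementation must accept


class ProtocolError(ValueError):
    """Raised when the peer's bytes do not follow RFC 4253."""


def parse_identification(data: bytes):
    """Return (protoversion, softwareversion, comments, remaining bytes).

    RFC 4253 4.2: a server may send other text lines before the one that
    starts with "SSH-"; that line is at most 255 bytes including CR LF.
    """
    pos = 0
    while True:
        end = data.find(b"\n", pos)
        if end < 0:
            raise ProtocolError("no complete identification line")
        line, pos = data[pos:end + 1], end + 1
        if line.startswith(b"SSH-"):
            break
    if len(line) > 255:
        raise ProtocolError("identification line too long")
    try:
        text = line.rstrip(b"\r\n").decode("ascii")
    except UnicodeDecodeError:
        raise ProtocolError("identification line is not US-ASCII") from None
    ident, _, comments = text.partition(" ")
    parts = ident.split("-", 2)          # "SSH", protoversion, softwareversion
    if len(parts) != 3 or not parts[2]:
        raise ProtocolError("malformed identification string")
    if parts[1] not in ("2.0", "1.99"):
        raise ProtocolError("peer does not offer SSH protocol 2")
    return parts[1], parts[2], comments, data[pos:]


def read_packet(buf: bytes, block_size: int = 8):
    """Unframe one unencrypted packet (RFC 4253 section 6); return (payload, rest).

    Before the first key exchange completes there is no cipher and no MAC:
    uint32 packet_length, byte padding_length, payload, padding.
    """
    if len(buf) < 5:
        raise ProtocolError("short read")
    packet_length, padding_length = struct.unpack(">IB", buf[:5])
    total = 4 + packet_length
    # Never trust a length field from the network: bound it before using it.
    if total > MAX_PACKET or total < 16 or total % block_size:
        raise ProtocolError("bad packet_length")
    if padding_length < 4 or padding_length > packet_length - 2:
        raise ProtocolError("bad padding_length")
    if len(buf) < total:
        raise ProtocolError("short read")
    return buf[5:total - padding_length], buf[total:]


def frame(payload: bytes, block_size: int = 8) -> bytes:
    """Build an unencrypted packet; used here only to construct the sample."""
    padding_length = block_size - (5 + len(payload)) % block_size
    if padding_length < 4:
        padding_length += block_size
    header = struct.pack(">IB", 1 + len(payload) + padding_length, padding_length)
    return header + payload + bytes(padding_length)   # real padding is random


# Constructed sample: what a client might read right after connect().  The
# KEXINIT body is a zero cookie, ten empty name-lists, a boolean and a
# reserved uint32; a real server fills the lists with algorithm names.
SAMPLE_KEXINIT = bytes([SSH_MSG_KEXINIT]) + bytes(16) + bytes(4) * 10 + bytes(1) + bytes(4)
SAMPLE_STREAM = b"SSH-2.0-OpenSSH_4.3\r\n" + frame(SAMPLE_KEXINIT)


def first_message(stream: bytes):
    """Parse the banner and the first packet; return (software, message number)."""
    _, software, _, rest = parse_identification(stream)
    payload, _ = read_packet(rest)
    return software, payload[0]


if __name__ == "__main__":
    print(first_message(SAMPLE_STREAM))
```

Everything after this point (key exchange, encryption, MAC, user authentication) is where the cryptography support discussed in this thread becomes necessary.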



From bounces-ietf-ssh-owner-secsh-tyoxbijeg7-archive=lists.ietf.org@NetBSD.org Fri Feb 02 10:21:33 2007
Message-ID: <BAY104-F74218900414FE41A85DE7A49B0@phx.gbl>
In-Reply-To: <200702021511.KAA15306@Sparkle.Rodents.Montreal.QC.CA>
From: "Frederik Pot" <frederikpot@hotmail.com>
To: ietf-ssh@NetBSD.org
Subject: Re: simple connection
Date: Fri, 02 Feb 2007 15:21:20 +0000


Thank you very much for your reply!!
I really appreciate you answering the email!

Thx for your time...

Greetings ,

Frederik Pot

>From: der Mouse <mouse@Rodents.Montreal.QC.CA>
>Reply-To: ietf-ssh@NetBSD.org
>To: ietf-ssh@NetBSD.org
>CC: Frederik Pot <frederikpot@hotmail.com>
>Subject: Re: simple connection
>Date: Fri, 2 Feb 2007 10:04:28 -0500 (EST)
>
> > I want to connect from a realbasic application (on windows) to my
> > linux computer on port 22.
>
> > I set the firewall off and do a xhost + command on the linux machine.
> > Then i can connect by tcp on port 22 and see as return something like
> > SSH-OPENSSH4.
> > So there is a sort of connection.........
>
>Right...though "xhost +" has nothing whatever to do with this; X
>permissions are completely independent of access to your ssh server.
>
> > Well for me it is difficult  to see what to do further......
>
> > Setting up a public key ...???
>
> > Can you give me some tips on how to communicate with this protocol..
>
> > Or is it too difficult  for a simple example ???
>
>It's too complicated to describe briefly.  See RFCs 4250 through 4254;
>they are the spec for the basic protocol.
>
>It will be rather difficult to use ssh directly from BASIC.  Not
>impossible, assuming your BASIC supports networking and operations on
>binary data, but...well, put it this way: I wouldn't try unless someone
>were paying me quite a lot - and that's speaking as someone who's
>written an ssh client (not, of course, in BASIC).
>
>Unless you have a good deal of cryptography support available built
>into your BASIC system....
>
>/~\ The ASCII				der Mouse
>\ / Ribbon Campaign
>  X  Against HTML	       mouse@rodents.montreal.qc.ca
>/ \ Email!	     7D C8 61 52 5D E7 2D 39  4E F1 31 3E E8 B3 27 4B





From bounces-ietf-ssh-owner-secsh-tyoxbijeg7-archive=lists.ietf.org@NetBSD.org Fri Feb 02 12:08:00 2007
Date: Fri, 02 Feb 2007 10:17:28 -0500
From: Jeffrey Hutzelman <jhutz@cmu.edu>
To: ietf-ssh@NetBSD.org
cc: Frederik Pot <frederikpot@hotmail.com>, Jeffrey Hutzelman <jhutz@cmu.edu>
Subject: Re: simple connection
Message-ID: <57B74B85C6F3A68A8CC677E4@sirius.fac.cs.cmu.edu>
In-Reply-To: <200702021511.KAA15306@Sparkle.Rodents.Montreal.QC.CA>
References: <BAY104-F274553A2846C527DA42431A49B0@phx.gbl>
 <200702021511.KAA15306@Sparkle.Rodents.Montreal.QC.CA>



On Friday, February 02, 2007 10:04:28 AM -0500 der Mouse 
<mouse@Rodents.Montreal.QC.CA> wrote:

> Unless you have a good deal of cryptography support available built
> into your BASIC system....

Heh.  Doing RSA or DH in BASIC would be an interesting challenge, to say 
the least.



From bounces-ietf-ssh-owner-secsh-tyoxbijeg7-archive=lists.ietf.org@NetBSD.org Fri Feb 02 12:19:25 2007
From: der Mouse <mouse@Rodents.Montreal.QC.CA>
Message-Id: <200702021719.MAA16351@Sparkle.Rodents.Montreal.QC.CA>
Date: Fri, 2 Feb 2007 12:11:31 -0500 (EST)
To: ietf-ssh@NetBSD.org
Cc: Frederik Pot <frederikpot@hotmail.com>
Subject: Re: simple connection
In-Reply-To: <57B74B85C6F3A68A8CC677E4@sirius.fac.cs.cmu.edu>
References: <BAY104-F274553A2846C527DA42431A49B0@phx.gbl>
 <200702021511.KAA15306@Sparkle.Rodents.Montreal.QC.CA>
	<57B74B85C6F3A68A8CC677E4@sirius.fac.cs.cmu.edu>

>> Unless you have a good deal of cryptography support available built
>> into your BASIC system....
> Heh.  Doing RSA or DH in BASIC would be an interesting challenge, to
> say the least.

It wouldn't be difficult, just slow.  I've done IDEA in MUF (a language
rather like FORTH but with all the real elegance ripped out).  I've
also done floating-point in it - in a version which has no native
support for any arithmetic type except machine integers.

Honestly, if I had to do ssh in BASIC, I'd probably build an
interpreter (or perhaps compiler to pcode and then a pcode engine) for
a language better suited to the task and then write the code in that.

/~\ The ASCII				der Mouse
\ / Ribbon Campaign
 X  Against HTML	       mouse@rodents.montreal.qc.ca
/ \ Email!	     7D C8 61 52 5D E7 2D 39  4E F1 31 3E E8 B3 27 4B



From bounces-ietf-ssh-owner-secsh-tyoxbijeg7-archive=lists.ietf.org@NetBSD.org Sat Feb 03 04:13:48 2007
From: pgut001@cs.auckland.ac.nz (Peter Gutmann)
To: ietf-ssh@NetBSD.org
Subject: Re: simple connection
In-Reply-To: <200702021511.KAA15306@Sparkle.Rodents.Montreal.QC.CA>
Message-Id: <E1HDFvR-0006lM-00@medusa01.cs.auckland.ac.nz>
Date: Sat, 03 Feb 2007 21:07:09 +1300

der Mouse <mouse@Rodents.Montreal.QC.CA> writes:
>It will be rather difficult to use ssh directly from BASIC.  Not
>impossible, assuming your BASIC supports networking and operations on
>binary data, but...well, put it this way: I wouldn't try unless someone
>were paying me quite a lot - and that's speaking as someone who's
>written an ssh client (not, of course, in BASIC).

There are a few SSH libs available as Windows DLLs which should be callable
from, well VB anyway, I assume RealBasic is the same.  A google search
for something like "windows dll ssh" should find something.

Peter (author of one of said DLLs :-).



From bounces-ietf-ssh-owner-secsh-tyoxbijeg7-archive=lists.ietf.org@NetBSD.org Sat Feb 17 17:52:19 2007
Date: Sat, 17 Feb 2007 21:42:54 +0000 (GMT)
From: Ben Harris <bjh21@bjh21.me.uk>
To: ietf-ssh@netbsd.org
Subject: draft-bjh21-ssh-transport-extension-00
Message-ID: <Pine.LNX.4.61.0702172131340.15920@smaug.linux.pwf.cam.ac.uk>

I've just uploaded an internet-draft that would allocate an SSH message 
number to be used for named message types, where the names work like all 
the other names in SSH.  This should make it easier to extend the SSH 
transport layer in ways that need new message types, as it appears might 
be necessary to produce a race-free version of zlib@openssh.com.  Named 
packet types aren't right for everything, of course, but they seem 
sensible for packets that are only likely to be sent a few times per 
connection.

What do people think of this idea?

<http://www.ietf.org/internet-drafts/draft-bjh21-ssh-transport-extension-00.txt>

-- 
Ben Harris



From bounces-ietf-ssh-owner-secsh-tyoxbijeg7-archive=lists.ietf.org@NetBSD.org Sat Feb 17 21:05:57 2007
Date: Sat, 17 Feb 2007 21:00:24 -0500
From: Jeffrey Hutzelman <jhutz@cmu.edu>
To: Ben Harris <bjh21@bjh21.me.uk>, ietf-ssh@NetBSD.org
cc: Jeffrey Hutzelman <jhutz@cmu.edu>
Subject: Re: draft-bjh21-ssh-transport-extension-00
Message-ID: <367C1CA6E28DA462F2F0F0AA@sirius.fac.cs.cmu.edu>
In-Reply-To: <Pine.LNX.4.61.0702172131340.15920@smaug.linux.pwf.cam.ac.uk>
References:  <Pine.LNX.4.61.0702172131340.15920@smaug.linux.pwf.cam.ac.uk>



On Saturday, February 17, 2007 09:42:54 PM +0000 Ben Harris 
<bjh21@bjh21.me.uk> wrote:

> I've just uploaded an internet-draft that would allocate an SSH message
> number to be used for named message types, where the names work like all
> the other names in SSH.  This should make it easier to extend the SSH
> transport layer in ways that need new message types, as it appears might
> be necessary to produce a race-free version of zlib@openssh.com.  Named
> packet types aren't right for everything, of course, but they seem
> sensible for packets that are only likely to be sent a few times per
> connection.
>
> What do people think of this idea?
>
> <http://www.ietf.org/internet-drafts/draft-bjh21-ssh-transport-extension-00.txt>

Sounds like a good idea.  I can't find evidence of any reason to restrict 
allocation of transport-level message numbers other than the extreme 
scarcity of the namespace, so opening it up in the way you describe seems 
reasonable.

I think it is probably worth noting that anyone defining a standards-track 
extension requiring a new transport-level message would now have a choice 
as to whether to allocate a new message type number or use a named type. 
This decision would presumably be made on the basis of whether there are 
performance implications which make it a good idea to consume a number.

I think the advice you give in the security considerations section is 
misplaced.  The question of whether to send a message prior to completion 
of the initial key exchange depends on the semantics of the message in 
question and whether it can live with the lack of integrity protection. 
While it's pretty likely that the number of such messages is small and they 
have all already been defined, there is no guarantee of that.  In any 
event, the question is unrelated to the use of named message types; it 
would apply equally to messages using new numbers.

At a minimum, this text should be reworded as advice to designers of future 
extensions, without use of RFC2119 keywords which appear to specify 
behavior for implementations.



-- Jeff



From bounces-ietf-ssh-owner-secsh-tyoxbijeg7-archive=lists.ietf.org@NetBSD.org Mon Feb 19 03:36:18 2007
From: der Mouse <mouse@Rodents.Montreal.QC.CA>
Message-Id: <200702190836.DAA23284@Sparkle.Rodents.Montreal.QC.CA>
Date: Mon, 19 Feb 2007 03:30:36 -0500 (EST)
To: ietf-ssh@NetBSD.org
Subject: Re: draft-bjh21-ssh-transport-extension-00
In-Reply-To: <Pine.LNX.4.61.0702172131340.15920@smaug.linux.pwf.cam.ac.uk>
References: <Pine.LNX.4.61.0702172131340.15920@smaug.linux.pwf.cam.ac.uk>

> [...] a race-free version of zlib@openssh.com.

Speaking of which, can anyone point me to docs on the various
@openssh.com names?  Besides zlib@openssh.com as a compression method,
I've seen keepalive@openssh.com channel requests, and have so far been
unable to find authoritative documentation on either.

/~\ The ASCII				der Mouse
\ / Ribbon Campaign
 X  Against HTML	       mouse@rodents.montreal.qc.ca
/ \ Email!	     7D C8 61 52 5D E7 2D 39  4E F1 31 3E E8 B3 27 4B
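
How names such as zlib@openssh.com reach the wire, as an added example (not code from any poster, and not a description of what the OpenSSH names mean): the name-lists of SSH_MSG_KEXINIT (RFC 4253 section 7.1) are decoded and each algorithm name is sorted, under the naming rules of RFC 4251 section 6, into IANA-registered names and name@domainname local extensions. The KEXINIT payload is constructed sample input; the function names are this example's own.

```python
import struct

SSH_MSG_KEXINIT = 20
# The ten name-lists of SSH_MSG_KEXINIT, in wire order (RFC 4253 section 7.1).
KEXINIT_FIELDS = (
    "kex_algorithms", "server_host_key_algorithms",
    "encryption_algorithms_client_to_server", "encryption_algorithms_server_to_client",
    "mac_algorithms_client_to_server", "mac_algorithms_server_to_client",
    "compression_algorithms_client_to_server", "compression_algorithms_server_to_client",
    "languages_client_to_server", "languages_server_to_client",
)


def read_name_list(buf: bytes, offset: int):
    """Decode one name-list (RFC 4251 section 5); return (names, next offset)."""
    if offset + 4 > len(buf):
        raise ValueError("truncated name-list length")
    (length,) = struct.unpack_from(">I", buf, offset)
    start, end = offset + 4, offset + 4 + length
    if end > len(buf):
        raise ValueError("name-list length runs past the end of the payload")
    raw = buf[start:end]
    names = raw.decode("ascii").split(",") if raw else []
    if any(not name for name in names):
        raise ValueError("empty name in name-list")
    return names, end


def classify_name(name: str):
    """Apply RFC 4251 section 6; return ("ietf", None) or ("local", domain)."""
    if not 0 < len(name) <= 64:
        raise ValueError("name must be 1..64 characters")
    if any(ch == "," or not 33 <= ord(ch) <= 126 for ch in name):
        raise ValueError("name must be printable US-ASCII without comma or space")
    if "@" not in name:
        return "ietf", None              # assigned through IANA registration
    local, domain = name.split("@", 1)
    if not local or not domain or "@" in domain:
        raise ValueError("local names have the form name@domainname with one '@'")
    return "local", domain


def parse_kexinit(payload: bytes):
    """Return {field: [names]} for an SSH_MSG_KEXINIT payload."""
    if len(payload) < 17 or payload[0] != SSH_MSG_KEXINIT:
        raise ValueError("not a KEXINIT payload")
    offset, fields = 17, {}              # skip message number and 16-byte cookie
    for field in KEXINIT_FIELDS:
        fields[field], offset = read_name_list(payload, offset)
    if len(payload) - offset != 5:       # boolean first_kex_packet_follows + uint32 reserved
        raise ValueError("unexpected KEXINIT trailer")
    return fields


def local_extensions(fields):
    """Group the advertised name@domain algorithm names by owning domain."""
    by_domain = {}
    for field in KEXINIT_FIELDS[:8]:     # the two language lists hold language tags
        for name in fields[field]:
            kind, domain = classify_name(name)
            if kind == "local":
                by_domain.setdefault(domain, set()).add(name)
    return {domain: sorted(names) for domain, names in by_domain.items()}


def name_list(*names):
    """Encode a name-list; used here only to construct the sample."""
    data = ",".join(names).encode("ascii")
    return struct.pack(">I", len(data)) + data


# Constructed sample payload (zero cookie).  The algorithm names are ones
# defined in RFC 4253, plus the zlib@openssh.com name mentioned in the thread.
SAMPLE_KEXINIT = (
    bytes([SSH_MSG_KEXINIT]) + bytes(16)
    + name_list("diffie-hellman-group14-sha1", "diffie-hellman-group1-sha1")
    + name_list("ssh-rsa", "ssh-dss")
    + name_list("aes128-cbc", "3des-cbc") * 2
    + name_list("hmac-sha1") * 2
    + name_list("none", "zlib@openssh.com", "zlib") * 2
    + name_list() * 2
    + bytes(1) + bytes(4)
)

if __name__ == "__main__":
    print(local_extensions(parse_kexinit(SAMPLE_KEXINIT)))
```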



From bounces-ietf-ssh-owner-secsh-tyoxbijeg7-archive=lists.ietf.org@NetBSD.org Mon Feb 19 04:42:08 2007
From: der Mouse <mouse@Rodents.Montreal.QC.CA>
Message-Id: <200702190941.EAA23644@Sparkle.Rodents.Montreal.QC.CA>
Date: Mon, 19 Feb 2007 04:30:55 -0500 (EST)
To: ietf-ssh@NetBSD.org
Subject: Re: draft-bjh21-ssh-transport-extension-00
In-Reply-To: <Pine.LNX.4.61.0702172131340.15920@smaug.linux.pwf.cam.ac.uk>
References: <Pine.LNX.4.61.0702172131340.15920@smaug.linux.pwf.cam.ac.uk>

> I've just uploaded an internet-draft that would allocate an SSH
> message number to be used for named message types, where the names
> work like all the other names in SSH.

Named *transport-layer* message types, it seems to me.  Or am I
misreading?

> What do people think of this idea?

"Good."  I don't have any immediate use for it (the one new packet type
I'm using more appropriately falls into the "local extension" range
192-255, since it never appears on the wire), but I agree that it's a
very good thing to have.

/~\ The ASCII				der Mouse
\ / Ribbon Campaign
 X  Against HTML	       mouse@rodents.montreal.qc.ca
/ \ Email!	     7D C8 61 52 5D E7 2D 39  4E F1 31 3E E8 B3 27 4B



From bounces-ietf-ssh-owner-secsh-tyoxbijeg7-archive=lists.ietf.org@NetBSD.org Wed Feb 21 18:27:32 2007
From: Ben Harris <bjh21@bjh21.me.uk>
To: jhutz@cmu.edu
Subject: Re: draft-bjh21-ssh-transport-extension-00
In-Reply-To: <367C1CA6E28DA462F2F0F0AA@sirius.fac.cs.cmu.edu>
References: <Pine.LNX.4.61.0702172131340.15920@smaug.linux.pwf.cam.ac.uk> <Pine.LNX.4.61.0702172131340.15920@smaug.linux.pwf.cam.ac.uk> <367C1CA6E28DA462F2F0F0AA@sirius.fac.cs.cmu.edu>
Organization: Linux Unlimited
Cc: ietf-ssh@NetBSD.org
Message-Id: <E1HK0qs-0000tM-00@chiark.greenend.org.uk>
Date: Wed, 21 Feb 2007 23:26:22 +0000

In article <367C1CA6E28DA462F2F0F0AA@sirius.fac.cs.cmu.edu> you write:
>I think it is probably worth noting that anyone defining a standards-track 
>extension requiring a new transport-level message would now have a choice 
>as to whether to allocate a new message type number or use a named type. 
>This decision would presumably be made on the basis of whether there are 
>performance implications which make it a good idea to consume a number.

I've added something like that to the end of the introduction.

>I think the advice you give in the security considerations section is 
>misplaced.  The question of whether to send a message prior to completion 
>of the initial key exchange depends on the semantics of the message in 
>question and whether it can live with the lack of integrity protection. 
>While it's pretty likely that the number of such messages is small and they 
>have all already been defined, there is no guarantee of that.  In any 
>event, the question is unrelated to the use of named message types; it 
>would apply equally to messages using new numbers.

This is true and I've dropped that paragraph.  It really belongs in a 
"security considerations for extending SSH" document which doesn't exist 
yet.

I'll upload -01 tonight.

-- 
Ben Harris



From bounces-ietf-ssh-owner-secsh-tyoxbijeg7-archive=lists.ietf.org@NetBSD.org Sat Feb 24 07:50:27 2007
Message-ID: <45E02561.9030302@saarenmaa.fi>
Date: Sat, 24 Feb 2007 13:45:37 +0200
From: Oskari Saarenmaa <oskari@saarenmaa.fi>
User-Agent: Thunderbird 1.5.0.9 (X11/20070212)
MIME-Version: 1.0
To:  ietf-ssh@netbsd.org
Subject: X.509
Content-Type: text/plain; charset=ISO-8859-15
Content-Transfer-Encoding: 7bit

I recently submitted a new individual draft for ssh x509 which backs
down from what we specified in the latest WG draft, and just specifies
how we use certificates in our implementations.  It's available at
http://tools.ietf.org/wg/secsh/draft-saarenmaa-ssh-x509-00.txt

Any thoughts?

/ Oskari



From bounces-ietf-ssh-owner-secsh-tyoxbijeg7-archive=lists.ietf.org@NetBSD.org Sat Feb 24 11:29:49 2007
From: Ben Harris <bjh21@bjh21.me.uk>
To: ietf-ssh@NetBSD.org
Subject: draft-bjh21-ssh-transport-extension-01
In-Reply-To: <Pine.LNX.4.61.0702172131340.15920@smaug.linux.pwf.cam.ac.uk>
References: <Pine.LNX.4.61.0702172131340.15920@smaug.linux.pwf.cam.ac.uk>
Organization: Linux Unlimited
Cc: 
Message-Id: <E1HKzm6-0008H1-00@chiark.greenend.org.uk>
Date: Sat, 24 Feb 2007 16:29:30 +0000

I've uploaded a new version of my transport extension draft which I 
think addresses everyone's comments.  Any more before I wave it at the 
IESG?  In particular, I'm wondering if I should extend it to allocate 
similar message numbers for extensions to ssh-userauth and/or 
ssh-connect.

<http://www.ietf.org/internet-drafts/draft-bjh21-ssh-transport-extension-01.txt>

-- 
Ben Harris



From bounces-ietf-ssh-owner-secsh-tyoxbijeg7-archive=lists.ietf.org@NetBSD.org Sat Feb 24 23:23:05 2007
Message-ID: <45E0F2F6.20608@vandyke.com>
Date: Sat, 24 Feb 2007 19:22:46 -0700
From: Joseph Galbraith <galb-list@vandyke.com>
User-Agent: Thunderbird 2.0b1 (Windows/20061209)
MIME-Version: 1.0
To: Ben Harris <bjh21@bjh21.me.uk>
CC:  ietf-ssh@NetBSD.org
Subject: Re: draft-bjh21-ssh-transport-extension-01
References: <Pine.LNX.4.61.0702172131340.15920@smaug.linux.pwf.cam.ac.uk> <E1HKzm6-0008H1-00@chiark.greenend.org.uk>
In-Reply-To: <E1HKzm6-0008H1-00@chiark.greenend.org.uk>
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 7bit

Ben Harris wrote:
> I've uploaded a new version of my transport extension draft which I 
> think addresses everyone's comments.  Any more before I wave it at the 
> IESG?  In particular, I'm wondering if I should extend it to allocate 
> similar message numbers for extensions to ssh-userauth and/or 
> ssh-connect.
> 
> <http://www.ietf.org/internet-drafts/draft-bjh21-ssh-transport-extension-01.txt>

Userauth might be a good idea; ssh-connect already has
SSH_MSG_GLOBAL_REQUEST, which serves this purpose.

Thanks,

Joseph




From bounces-ietf-ssh-owner-secsh-tyoxbijeg7-archive=lists.ietf.org@NetBSD.org Mon Feb 26 01:27:57 2007
From: pgut001@cs.auckland.ac.nz (Peter Gutmann)
To: ietf-ssh@netbsd.org, oskari@saarenmaa.fi
Subject: Re: X.509
Message-Id: <E1HLXS2-0001bB-00@medusa01.cs.auckland.ac.nz>
Date: Mon, 26 Feb 2007 17:27:02 +1300

Oskari Saarenmaa <oskari@saarenmaa.fi> writes:

>I recently submitted a new individual draft for ssh x509 which backs down
>from what we specified in the latest WG draft, and just specifies how we use
>certificates in our implementations.  It's available at
>http://tools.ietf.org/wg/secsh/draft-saarenmaa-ssh-x509-00.txt
>
>Any thoughts?

Looks straightforward and very workable, in particular deferring the rathole
of cert checking entirely to the ITU and IETF PKI docs is a good idea.  So
FWIW it gets my grunt of approval.

Peter.




From bounces-ietf-ssh-owner-secsh-tyoxbijeg7-archive=lists.ietf.org@NetBSD.org Mon Feb 26 13:41:39 2007
Date: Mon, 26 Feb 2007 13:41:06 -0500
From: Jeffrey Hutzelman <jhutz@cmu.edu>
To: Joseph Galbraith <galb-list@vandyke.com>, Ben Harris <bjh21@bjh21.me.uk>
cc: ietf-ssh@NetBSD.org, Jeffrey Hutzelman <jhutz@cmu.edu>
Subject: Re: draft-bjh21-ssh-transport-extension-01
Message-ID: <4D9BF7B331B9D4F700C543CF@sirius.fac.cs.cmu.edu>
In-Reply-To: <45E0F2F6.20608@vandyke.com>
References: <Pine.LNX.4.61.0702172131340.15920@smaug.linux.pwf.cam.ac.uk>
 <E1HKzm6-0008H1-00@chiark.greenend.org.uk> <45E0F2F6.20608@vandyke.com>
Originator-Info: login-token=Mulberry:01V72OlsElAwqjCAYXiju+Be4vxcHe8QfEMrz7jT0=;
 token_authority=postmaster@andrew.cmu.edu
X-Mailer: Mulberry/3.1.6 (Linux/x86)
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii; format=flowed
Content-Transfer-Encoding: 7bit
Content-Disposition: inline



On Saturday, February 24, 2007 07:22:46 PM -0700 Joseph Galbraith 
<galb-list@vandyke.com> wrote:

> Ben Harris wrote:
>> I've uploaded a new version of my transport extension draft which I
>> think addresses everyone's comments.  Any more before I wave it at the
>> IESG?  In particular, I'm wondering if I should extend it to allocate
>> similar message numbers for extensions to ssh-userauth and/or
>> ssh-connect.
>>
>> <http://www.ietf.org/internet-drafts/draft-bjh21-ssh-transport-extension-01.txt>
>
> Userauth might be a good idea; ssh-connect already has
> SSH_MSG_GLOBAL_REQUEST, which serves this purpose.

Userauth really shouldn't need this.  There is a space of 20 message 
numbers whose meanings are defined on a per-method basis, and new 
non-method-specific userauth messages should be extremely rare.

OTOH, the rarity argument can also be made for transport messages, and the 
scarcity-of-numbers argument applies at least as well to userauth, so I 
suppose I won't object if you want to do it.

-- Jeff



From bounces-ietf-ssh-owner-secsh-tyoxbijeg7-archive=lists.ietf.org@NetBSD.org Mon Feb 26 18:03:18 2007
Message-ID: <45E34AFA.50405@roumenpetrov.info>
Date: Mon, 26 Feb 2007 23:02:50 +0200
From: Roumen Petrov <openssh@roumenpetrov.info>
User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.8.0.9) Gecko/20061222 SeaMonkey/1.0.7
MIME-Version: 1.0
To:  ietf-ssh@netbsd.org
Subject: Re: X.509
References: <45E02561.9030302@saarenmaa.fi>
In-Reply-To: <45E02561.9030302@saarenmaa.fi>
Content-Type: text/plain; charset=ISO-8859-15; format=flowed
Content-Transfer-Encoding: 7bit

Please check names like:

"x509v3-sign-rsa-sha1" (key name) and "ssh-rsa" (signature format name) vs "x509v3-sign-rsa"
Same for DSA.

Roumen


Oskari Saarenmaa wrote:
> I recently submitted a new individual draft for ssh x509 which backs
> down from what we specified in the latest WG draft, and just specifies
> how we use certificates in our implementations.  It's available at
> http://tools.ietf.org/wg/secsh/draft-saarenmaa-ssh-x509-00.txt
>
> Any thoughts?
>
> / Oskari
>   



From bounces-ietf-ssh-owner-secsh-tyoxbijeg7-archive=lists.ietf.org@NetBSD.org Tue Feb 27 19:16:03 2007
Date: Tue, 27 Feb 2007 23:03:31 +0000 (GMT)
From: Ben Harris <bjh21@bjh21.me.uk>
To: Jeffrey Hutzelman <jhutz@cmu.edu>
cc: Joseph Galbraith <galb-list@vandyke.com>, ietf-ssh@NetBSD.org
Subject: Re: draft-bjh21-ssh-transport-extension-01
In-Reply-To: <4D9BF7B331B9D4F700C543CF@sirius.fac.cs.cmu.edu>
Message-ID: <Pine.LNX.4.61.0702272253390.19542@smaug.linux.pwf.cam.ac.uk>
References: <Pine.LNX.4.61.0702172131340.15920@smaug.linux.pwf.cam.ac.uk>
 <E1HKzm6-0008H1-00@chiark.greenend.org.uk> <45E0F2F6.20608@vandyke.com>
 <4D9BF7B331B9D4F700C543CF@sirius.fac.cs.cmu.edu>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII

On Mon, 26 Feb 2007, Jeffrey Hutzelman wrote:

> > Ben Harris wrote:
> > > In particular, I'm wondering if I should extend it to allocate
> > > similar message numbers for extensions to ssh-userauth and/or
> > > ssh-connect.
> 
> Userauth really shouldn't need this.  There is a space of 20 message numbers
> whose meanings are defined on a per-method basis, and new non-method-specific
> userauth messages should be extremely rare.
> 
> OTOH, the rarity argument can also be made for transport messages, and the
> scarcity-of-numbers argument applies at least as well to userauth,

I think I disagree slightly with that.  Userauth has 16 unallocated 
message numbers where transport has 13, and I've got two extensions in 
mind that would need transport message types, but none that would need 
userauth ones.  I think for the moment, I'm minded to leave userauth (and 
connect) out.

-- 
Ben Harris



From bounces-ietf-ssh-owner-secsh-tyoxbijeg7-archive=lists.ietf.org@NetBSD.org Tue Feb 27 23:21:46 2007
Date: Tue, 27 Feb 2007 21:21:07 -0500 (EST)
From: Jeffrey Hutzelman <jhutz@cmu.edu>
X-X-Sender:  <jhutz@minbar.fac.cs.cmu.edu>
To: Ben Harris <bjh21@bjh21.me.uk>
cc: Joseph Galbraith <galb-list@vandyke.com>,  <ietf-ssh@NetBSD.org>
Subject: Re: draft-bjh21-ssh-transport-extension-01
In-Reply-To: <Pine.LNX.4.61.0702272253390.19542@smaug.linux.pwf.cam.ac.uk>
Message-ID: <Pine.LNX.4.33L.0702272119190.28864-100000@minbar.fac.cs.cmu.edu>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII

On Tue, 27 Feb 2007, Ben Harris wrote:

> On Mon, 26 Feb 2007, Jeffrey Hutzelman wrote:
>
> > > Ben Harris wrote:
> > > > In particular, I'm wondering if I should extend it to allocate
> > > > similar message numbers for extensions to ssh-userauth and/or
> > > > ssh-connect.
> >
> > Userauth really shouldn't need this.  There is a space of 20 message numbers
> > whose meanings are defined on a per-method basis, and new non-method-specific
> > userauth messages should be extremely rare.
> >
> > OTOH, the rarity argument can also be made for transport messages, and the
> > scarcity-of-numbers argument applies at least as well to userauth,
>
> I think I disagree slightly with that.  Userauth has 16 unallocated
> message numbers where transport has 13, and I've got two extensions in
> mind that would need transport message types, but none that would need
> userauth ones.  I think for the moment, I'm minded to leave userauth (and
> connect) out.

Userauth has 6 unallocated generic numbers, not 16.
Anyway, as I said, I don't much care one way or the other.

-- Jeff




