[Cryptography] Why aren’t we using SSH for everything?

Peter Gutmann pgut001 at cs.auckland.ac.nz
Sun Jan 4 21:29:27 EST 2015


Christoph Anton Mitterer <calestyo at scientia.net> writes:
>On Sun, 2015-01-04 at 18:54 +1300, Peter Gutmann wrote:
>> TLS finally fixed this after a year-long battle to get the change accepted.  I
>> also suggested it to the SSH folks but they weren't interested, and after the
>> fight it took to get it into TLS I just didn't have the energy to go through
>> the same thing for SSH.
>
>$ ssh -Q mac | grep etm
>hmac-sha1-etm at openssh.com
>hmac-sha1-96-etm at openssh.com
>hmac-sha2-256-etm at openssh.com
>hmac-sha2-512-etm at openssh.com
>hmac-md5-etm at openssh.com
>hmac-md5-96-etm at openssh.com
>hmac-ripemd160-etm at openssh.com
>umac-64-etm at openssh.com
>umac-128-etm at openssh.com

I've done the same thing, but the problem is that a bunch of (probably)
incompatible vendor-specific extensions doesn't profit the community as a
whole.  If anyone from OpenSSH would like to get in touch, we can (a) see if
what we're doing is interoperable and (b) document it in an RFC for general
adoption.

Peter.



More information about the cryptography mailing list