2.6.10 Secure Shell (secsh)

NOTE: This charter is a snapshot of the 58th IETF Meeting in Minneapolis, Minnesota USA. It may now be out-of-date.

Last Modified: 2003-11-03

Chair(s):
Bill Sommerfeld <sommerfeld@sun.com>
Security Area Director(s):
Russell Housley <housley@vigilsec.com>
Steven Bellovin <smb@research.att.com>
Security Area Advisor:
Russell Housley <housley@vigilsec.com>
Mailing Lists:
General Discussion: ietf-ssh@netbsd.org
To Subscribe: majordomo@netbsd.org
In Body: subscribe ietf-ssh
Archive: ftp://ftp.ietf.org/ietf-mail-archive/secsh/
Description of Working Group:
The goal of the working group is to update and standardize the popular SSH protocol. SSH provides support for secure remote login, secure file transfer, and secure TCP/IP and X11 forwardings. It can automatically encrypt, authenticate, and compress transmitted data. The working group will attempt to assure that the SSH protocol

o provides strong security against cryptanalysis and protocol attacks,

o can work reasonably well without a global key management or certificate infrastructure,

o can utilize existing certificate infrastructures (e.g., DNSSEC, SPKI, X.509) when available,

o can be made easy to deploy and take into use,

o requires minimum or no manual interaction from users,

o is reasonably clean and simple to implement.

The resulting protocol will operate over TCP/IP or other reliable but insecure transport. It is intended to be implemented at the application level.

Goals and Milestones:
Done  Submit Internet-Draft on SSH-2.0 protocol
Done  Decide on Transport Layer protocol at Memphis IETF.
Done  Post revised core secsh drafts
Done  Submit core drafts to IESG for publication as proposed standard
Done  Post extensions drafts for review
Done  Start sending extensions drafts to Last Call
Apr 02  GSSAPI draft ready for last call
Apr 02  Publish draft on new crypto modes
May 02  Agent draft ready for last call
May 02  Publish draft on X.509v3/pkix support (or subsume into gssapi draft)
May 02  Publish draft on terminal server support
Dec 02  File transfer draft ready for last call
Internet-Drafts:
  • - draft-ietf-secsh-transport-17.txt
  • - draft-ietf-secsh-userauth-18.txt
  • - draft-ietf-secsh-connect-18.txt
  • - draft-ietf-secsh-architecture-15.txt
  • - draft-ietf-secsh-auth-kbdinteract-05.txt
  • - draft-ietf-secsh-gsskeyex-07.txt
  • - draft-ietf-secsh-publickeyfile-04.txt
  • - draft-ietf-secsh-dh-group-exchange-04.txt
  • - draft-ietf-secsh-assignednumbers-05.txt
  • - draft-ietf-secsh-dns-05.txt
  • - draft-ietf-secsh-newmodes-01.txt
  • - draft-ietf-secsh-break-01.txt
  • - draft-ietf-secsh-scp-sftp-ssh-uri-00.txt
  • - draft-ietf-secsh-publickey-subsystem-00.txt
  • No Request For Comments

    Current Meeting Report

    Korea.Secure Shell (secsh) WG Session summary:
    
    
    We met for one hour on Tuesday afternoon.
    
    
    Document status:
    
    
    One document, draft-ietf-secsh-dns-05.txt has emerged from IESG review and is 
    now in the RFC editor queue.  (a first for this group); it also got a DNS RR 
    type code assigned by IANA.
    
    
    The core protocol drafts were returned from the IESG with a number of 
    minor comments; we are in the process of resolving the technical issues and 
    will respin once these are resolved.
    
    
    One other draft 
    (draft-ietf-secsh-auth-kbdinteract-05.txt) was also returned from the IESG 
    with comments.
    
    
    The Diffie-Hellman Group Exchange negotiation draft has just been passed to 
    the IESG.
    
    
    Three other drafts are in WG Last Call (break, newmodes, and 
    publickeyfile).  "newmodes" is probably the most interesting as it 
    suggests several new cryptographic modes which fix minor 
    cryptoraphic defects in the ssh transport mode.
    
    
    A new draft on SSH/SCP/SFTP URI formats was recently submitted and is 
    almost ready for review by the URI doctors.
    
    
    proposed issue resolutions:
            - transport draft needs to move 3DES, AES references to 
    normative
            - group sizes:
                    preliminary discussions suggest that it will take some time 
    to nail down new grops; we will instead put a note in the security 
    considerations section mentioning that group 1 is somewhat small, and 
    additional groups will be specified in subsequent documents.
            - confusing/conflicting text with regards to version string line 
    termination: 
                    proposed text sent to WG list; needs review.
            - 3des effective strength:
                    in security considerations section, mention that there is a 
    known but not practical 2^112 time 2^112 space attack which makes 3des 
    slightly weaker than the 2^128 bit effective strength threshold; 
    existing deployments and lack of experience with newer ciphers make 
    demoting 3des imprudent at this time.
            - move AES to REQUIRED?
                    there does not seem to be any objection to this.
            - asymmetric algorithms
                    change document to say that the symmetric algorithms used 
    SHOULD be the same in each direction but there may be environments where it 
    makes sense to decouple them. Nicolas Williams pointed out that this also 
    applies to language negotiation.
            - default login timeouts:
                    leave them alone; they're just defaults.
            - internationalization of passwords.
                    something like the proposed text from the AD was 
    considered and rejected several years ago; leave it alone.
            - confusing/conflicting test with respect to "implicit server 
    authentication"
                    jhutz will propose replacement text soon.
    
    
    near-term action items:
    
    
     - all document authors should contact the WG chair to arrange for write 
    access to the issue tracker.
    
    
     - wg chair to send summary the proposed resolution of core draft issues to 
    the WG list for discussion/consensus call.
    
    
     - jhutz will provide clarifying text relating to "implicit server 
    authentication" in the transport draft.
    
    
     - once resolved, document editor will re-spin core drafts
    
    
     - wg chair will close out WGLC on break, publickeyfile, and newmodes and 
    request publication when appropriate.
    
    
     - jhutz will respin the gsskeyex draft to include additional DH groups 
    besides oakley group 1 (as well as redo the security 
    considerations section)
    
    
     - wg chair will do WGLC on gsskeyex once respun
    
    
    
             

    Slides

    None received.