Bug 2023

Summary:

MACs hmac-sha2-256-96 and hmac-sha2-512-96 rejected from new RFC

Product:

Portable OpenSSH

Reporter:

Mark D Baushke <mdb>

Component:

sshd

Assignee:

Assigned to nobody <unassigned-bugs>

Status:

CLOSED FIXED

Severity:

normal

CC:

dtucker, mdb

Priority:

Keywords:

patch

Version:

6.0p1

Hardware:

All

OS:

All

Bug Depends on:

Bug Blocks:

1986

Attachments:

Description	Flags
Patches to OpenSSH and OpenSSH portable to remove hmac-sha2-*-96 MACs	none

Description Mark D Baushke 2012-06-28 07:35:58 AEST

Created attachment 2169 [details]
Patches to OpenSSH and OpenSSH portable to remove hmac-sha2-*-96 MACs

draft-dbider-sha2-mac-for-ssh-06.txt (soon to be RFC 6668) does not
include the hmac-sha2-256-96 and hmac-sha2-512-96 variants. The IESG
felt they were not appropriate.

As they are not registered names, it is neeful to either remove them,
or add @openssh.com to them. I suggest removal is the better way to go.

See also http://www.iana.org/assignments/ssh-parameters for the
officially registered MAC Algorithm Names.

Comment 1 Darren Tucker 2012-06-29 17:55:05 AEST

Patch applied, thanks.

Comment 2 Damien Miller 2015-08-11 23:03:08 AEST

Set all RESOLVED bugs to CLOSED with release of OpenSSH 7.1