Bug 2023 - MACs hmac-sha2-256-96 and hmac-sha2-512-96 rejected from new RFC
Summary: MACs hmac-sha2-256-96 and hmac-sha2-512-96 rejected from new RFC
Status: CLOSED FIXED
Alias: None
Product: Portable OpenSSH
Classification: Unclassified
Component: sshd (show other bugs)
Version: 6.0p1
Hardware: All All
: P2 normal
Assignee: Assigned to nobody
URL:
Keywords: patch
Depends on:
Blocks: V_6_1
  Show dependency treegraph
 
Reported: 2012-06-28 07:35 AEST by Mark D Baushke
Modified: 2015-08-11 23:03 AEST (History)
2 users (show)

See Also:

Attachments
Patches to OpenSSH and OpenSSH portable to remove hmac-sha2-*-96 MACs (7.02 KB, patch)
2012-06-28 07:35 AEST, Mark D Baushke 		no flags Details | Diff
View All Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Mark D Baushke 2012-06-28 07:35:58 AEST 
Created attachment 2169 [details]
Patches to OpenSSH and OpenSSH portable to remove hmac-sha2-*-96 MACs

draft-dbider-sha2-mac-for-ssh-06.txt (soon to be RFC 6668) does not
include the hmac-sha2-256-96 and hmac-sha2-512-96 variants. The IESG
felt they were not appropriate.

As they are not registered names, it is neeful to either remove them,
or add @openssh.com to them. I suggest removal is the better way to go.

See also http://www.iana.org/assignments/ssh-parameters for the
officially registered MAC Algorithm Names.
Comment 1 Darren Tucker 2012-06-29 17:55:05 AEST 
Patch applied, thanks.
Comment 2 Damien Miller 2015-08-11 23:03:08 AEST 
Set all RESOLVED bugs to CLOSED with release of OpenSSH 7.1