Secure Shell (secsh)
--------------------
Charter
Last Modified: 2005-09-08
Current Status: Active Working Group
Chair(s):
Bill Sommerfeld <[email protected]>
Security Area Director(s):
Russ Housley <[email protected]>
Sam Hartman <[email protected]>
Security Area Advisor:
Sam Hartman <[email protected]>
Mailing Lists:
General Discussion: [email protected]
To Subscribe: [email protected]
In Body: subscribe ietf-ssh
Archive: ftp://ftp.ietf.org/ietf-mail-archive/secsh/
Description of Working Group:
The goal of the working group is to update and standardize the popular
SSH protocol. SSH provides support for secure remote login, secure file
transfer, and secure TCP/IP and X11 forwardings. It can automatically
encrypt, authenticate, and compress transmitted data. The working
group will attempt to assure that the SSH protocol
  o provides strong security against cryptanalysis and protocol
    attacks,
  o can work reasonably well without a global key management or
    certificate infrastructure,
  o can utilize existing certificate infrastructures (e.g., DNSSEC,
    SPKI, X.509) when available,
  o can be made easy to deploy and take into use,
  o requires minimum or no manual interaction from users,
  o is reasonably clean and simple to implement.
The resulting protocol will operate over TCP/IP or other reliable but
insecure transport. It is intended to be implemented at the application
level.
Goals and Milestones:
Done Submit Internet-Draft on SSH-2.0 protocol
Done Decide on Transport Layer protocol at Memphis IETF.
Done Post revised core secsh drafts
Done Submit core drafts to IESG for publication as proposed standard
Done Post extensions drafts for review
Done Start sending extensions drafts to Last Call
Done Publish draft on new crypto modes
Done GSSAPI draft ready for last call
Done Publish draft on X.509v3/pkix support (or subsume into gssapi draft)
Done Publish draft on terminal server support
Done IESG approval of core drafts
Aug 2005 Public key subsystem ready for last call
Done Publickeyfile ready for last call as Informational
Sep 2005 URI draft ready for last call
Oct 2005 File transfer draft ready for last call
Oct 2005 X.509v3/pkix draft ready for last call
Nov 2005 Investigate Draft Standard status for secure shell
Internet-Drafts:
Posted Revised I-D Title <Filename>
------ ------- --------------------------------------------
Jan 2001 Jul 2006 <draft-ietf-secsh-filexfer-13.txt>
SSH File Transfer Protocol
Jan 2001 Mar 2006 <draft-ietf-secsh-publickeyfile-13.txt>
SSH Public Key File Format
Oct 2003 Jul 2006 <draft-ietf-secsh-publickey-subsystem-06.txt>
Secure Shell Public-Key Subsystem
Mar 2005 Mar 2006 <draft-ietf-secsh-x509-03.txt>
X.509 authentication in SSH
Request For Comments:
RFC      Stat      Published  Title
-------  --------  ---------  ------------------------------------
RFC4250  Standard  Jan 2006   The Secure Shell (SSH) Protocol Assigned Numbers
RFC4256  Standard  Jan 2006   Generic Message Exchange Authentication For The Secure Shell Protocol (SSH)
RFC4255  Standard  Jan 2006   Using DNS to Securely Publish Secure Shell (SSH) Key Fingerprints
RFC4254  Standard  Jan 2006   The Secure Shell (SSH) Connection Protocol
RFC4253  Standard  Jan 2006   The Secure Shell (SSH) Transport Layer Protocol
RFC4252  Standard  Jan 2006   The Secure Shell (SSH) Authentication Protocol
RFC4251  Standard  Jan 2006   The Secure Shell (SSH) Protocol Architecture
RFC4344  Standard  Jan 2006   The Secure Shell (SSH) Transport Layer Encryption Modes
RFC4335  Standard  Jan 2006   Secure Shell (SSH) Session Channel Break Extension
RFC4419  PS        Mar 2006   Diffie-Hellman Group Exchange for the Secure Shell (SSH) Transport Layer Protocol
RFC4462  PS        May 2006   Generic Security Service Application Program Interface (GSS-API) Authentication and Key Exchange for the Secure Shell Protocol