Secure Shell (secsh)
--------------------

Charter
Last Modified: 2005-09-08

Current Status: Active Working Group

Chair(s):
    Bill Sommerfeld

Security Area Director(s):
    Russ Housley
    Sam Hartman

Security Area Advisor:
    Sam Hartman

Mailing Lists:
    General Discussion: ietf-ssh@netbsd.org
    To Subscribe: majordomo@netbsd.org
    In Body: subscribe ietf-ssh
    Archive: ftp://ftp.ietf.org/ietf-mail-archive/secsh/

Description of Working Group:

The goal of the working group is to update and standardize the popular
SSH protocol. SSH provides support for secure remote login, secure file
transfer, and secure TCP/IP and X11 forwardings. It can automatically
encrypt, authenticate, and compress transmitted data.

The working group will attempt to assure that the SSH protocol

o provides strong security against cryptanalysis and protocol attacks,

o can work reasonably well without a global key management or
  certificate infrastructure,

o can utilize existing certificate infrastructures (e.g., DNSSEC, SPKI,
  X.509) when available,

o can be made easy to deploy and take into use,

o requires minimum or no manual interaction from users,

o is reasonably clean and simple to implement.

The resulting protocol will operate over TCP/IP or other reliable but
insecure transport. It is intended to be implemented at the application
level.

Goals and Milestones:

Done      Submit Internet-Draft on SSH-2.0 protocol
Done      Decide on Transport Layer protocol at Memphis IETF.
Done      Post revised core secsh drafts
Done      Submit core drafts to IESG for publication as proposed standard
Done      Post extensions drafts for review
Done      Start sending extensions drafts to Last Call
Done      Publish draft on new crypto modes
Done      GSSAPI draft ready for last call
Done      Publish draft on X.509v3/pkix support (or subsume into gssapi draft)
Done      Publish draft on terminal server support
Done      IESG approval of core drafts
Aug 2005  Public key subsystem ready for last call
Done      Publickeyfile ready for last call as Informational
Sep 2005  URI draft ready for last call
Oct 2005  File transfer draft ready for last call
Oct 2005  X.509v3/pkix draft ready for last call
Nov 2005  Investigate Draft Standard status for secure shell

Internet-Drafts:

Posted    Revised   I-D Title
--------  --------  --------------------------------------------
Jan 2001  Jul 2006  SSH File Transfer Protocol
Jan 2001  Mar 2006  SSH Public Key File Format
Oct 2003  Jul 2006  Secure Shell Public-Key Subsystem
Mar 2005  Mar 2006  X.509 authentication in SSH

Request For Comments:

RFC      Stat      Published  Title
-------  --------  ---------  ------------------------------------
RFC4250  Standard  Jan 2006   The Secure Shell (SSH) Protocol Assigned Numbers
RFC4256  Standard  Jan 2006   Generic Message Exchange Authentication For The
                              Secure Shell Protocol (SSH)
RFC4255  Standard  Jan 2006   Using DNS to Securely Publish Secure Shell (SSH)
                              Key Fingerprints
RFC4254  Standard  Jan 2006   The Secure Shell (SSH) Connection Protocol
RFC4253  Standard  Jan 2006   The Secure Shell (SSH) Transport Layer Protocol
RFC4252  Standard  Jan 2006   The Secure Shell (SSH) Authentication Protocol
RFC4251  Standard  Jan 2006   The Secure Shell (SSH) Protocol Architecture
RFC4344  Standard  Jan 2006   The Secure Shell (SSH) Transport Layer Encryption
                              Modes
RFC4335  Standard  Jan 2006   Secure Shell (SSH) Session Channel Break Extension
RFC4419  PS        Mar 2006   Diffie-Hellman Group Exchange for the Secure Shell
                              (SSH) Transport Layer Protocol
RFC4462  PS        May 2006   Generic Security Service Application Program
                              Interface (GSS-API) Authentication and Key
                              Exchange for the Secure Shell Protocol