The IESG has approved the following document: - 'Use of SHA-256 Algorithm with RSA, DSA and ECDSA in SSHFP Resource Records' (draft-os-ietf-sshfp-ecdsa-sha2-07.txt) as a Proposed Standard This document has been reviewed in the IETF but is not the product of an IETF Working Group. The IESG contact person is Stephen Farrell. A URL of this Internet Draft is: http://datatracker.ietf.org/doc/draft-os-ietf-sshfp-ecdsa-sha2/ Technical Summary This document adds entries to the registries defined in RFC 4255, defining how to provide fingerprints for Secure Shell (SSH) Elliptic Curve Digital Signature Algorithm (ECDSA) public keys, as per RFC 6090, and to use the SHA-256 manifest digest algorithm for public key fingerprints in SSHFP Resource Records. These algorithms have been already added into the Secure Shell protocol and this document adds support for the newly supported algorithms in the DNS SSHFP Resource Records. Working Group Summary This is not the product of a working group but has been reviewed on the saag and openssh lists. Only messages supportive of publication resulted. (Not many but enough and no objections.) IETF LC comments received have already been taken into account. Document Quality There is an existing implementation available as a patch for OpenSSH that allows OpenSSH to use the new SSHFP capabilities. This patch has been provided by the author of this document and it is available under the same licensing terms as OpenSSH. Personnel Elwyn Davies is the document shepherd. Stephen Farrell is the responsible AD. _______________________________________________ IETF-Announce mailing list IETF-Announce@ietf.org https://www.ietf.org/mailman/listinfo/ietf-announce
