There were a few notes in this thread that may indicate open areas for development. I forward merely as FYI. http://www.metzdowd.com/pipermail/cryptography/2015-January/024231.html ---------- Forwarded message ---------- From: Peter Gutmann <pgut001@xxxxxxxxxxxxxxxxx> Date: Sun, Jan 4, 2015 at 9:29 PM Subject: Re: [Cryptography] Why aren’t we using SSH for everything? To: calestyo@xxxxxxxxxxxx, pgut001@xxxxxxxxxxxxxxxxx Cc: cryptography@xxxxxxxxxxxx Christoph Anton Mitterer <calestyo@xxxxxxxxxxxx> writes: >On Sun, 2015-01-04 at 18:54 +1300, Peter Gutmann wrote: >> TLS finally fixed this after a year-long battle to get the change accepted. I >> also suggested it to the SSH folks but they weren't interested, and after the >> fight it took to get it into TLS I just didn't have the energy to go through >> the same thing for SSH. > >$ ssh -Q mac | grep etm >hmac-sha1-etm@xxxxxxxxxxx >hmac-sha1-96-etm@xxxxxxxxxxx >hmac-sha2-256-etm@xxxxxxxxxxx >hmac-sha2-512-etm@xxxxxxxxxxx >hmac-md5-etm@xxxxxxxxxxx >hmac-md5-96-etm@xxxxxxxxxxx >hmac-ripemd160-etm@xxxxxxxxxxx >umac-64-etm@xxxxxxxxxxx >umac-128-etm@xxxxxxxxxxx I've done the same thing, but the problem is that a bunch of (probably) incompatible vendor-specific extensions doesn't profit the community as a whole. If anyone from OpenSSH would like to get in touch, we can (a) see if what we're doing is interoperable and (b) document it in an RFC for general adoption. Peter. _______________________________________________ The cryptography mailing list cryptography@xxxxxxxxxxxx http://www.metzdowd.com/mailman/listinfo/cryptography _______________________________________________ openssh-unix-dev mailing list openssh-unix-dev@xxxxxxxxxxx https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev