On Thu 2015-05-21 20:33:24 -0400, Damien Miller wrote:
> On Thu, 21 May 2015, Matthew Vernon wrote:
>> openssh already prefers ECDH, which must reduce the impact somewhat,
>> although the main Windows client (PuTTY) doesn't support ECDH yet. But
>> openssh does still offer diffie-hellman-group1-sha1 (uses a 1024-bit
>> group) and diffie-hellman-group14-sha1 (uses a 2047-bit group), which
>> must be considered a bit suspect? Of course RFC4253 says implementations
>> MUST offer these...
>
> We'll be violating a few "MUST" clauses in the 7.0 release in the
> interests of security, including turning off group1 by default.

Is it worth trying to update the RFC to change these MUSTs for something
better?

        --dkg

_______________________________________________
openssh-unix-dev mailing list
openssh-unix-dev@xxxxxxxxxxx
https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev
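The trade-off discussed in this thread can be checked on the wire. The following is an added example, not part of the original message and not OpenSSH code: it parses the kex_algorithms name-list from an SSH_MSG_KEXINIT payload (RFC 4253 layout) and reports both the weak group1 offer and any RFC 4253 "MUST" method that is absent. The helper names and the sample payloads are constructed for illustration.

```python
import struct

SSH_MSG_KEXINIT = 20  # message number from RFC 4253
# Assumption of this example, following the thread: group1 (1024-bit) is the weak offer.
WEAK_KEX = {"diffie-hellman-group1-sha1"}
# The two key exchange methods RFC 4253 says implementations MUST offer.
RFC4253_MUST = {"diffie-hellman-group1-sha1", "diffie-hellman-group14-sha1"}

def build_name_list(names):
    """Encode an SSH name-list: uint32 length, then comma-separated ASCII."""
    data = ",".join(names).encode("ascii")
    return struct.pack(">I", len(data)) + data

def make_kexinit(kex_names):
    """Build a constructed KEXINIT payload; the other nine name-lists are left empty."""
    cookie = bytes(16)
    rest = build_name_list([]) * 9 + b"\x00" + struct.pack(">I", 0)
    return bytes([SSH_MSG_KEXINIT]) + cookie + build_name_list(kex_names) + rest

def parse_kex_algorithms(payload):
    """Return the kex_algorithms name-list (the first list after the cookie)."""
    if len(payload) < 21 or payload[0] != SSH_MSG_KEXINIT:
        raise ValueError("not a KEXINIT payload")
    offset = 17  # 1 byte message type + 16 byte cookie
    (length,) = struct.unpack_from(">I", payload, offset)
    offset += 4
    if offset + length > len(payload):
        raise ValueError("truncated kex_algorithms name-list")
    raw = payload[offset:offset + length].decode("ascii")
    return raw.split(",") if raw else []

def audit_kex(payload):
    """Report weak offers and RFC 4253 MUST methods that are not offered."""
    offered = parse_kex_algorithms(payload)
    return {
        "offered": offered,
        "weak": [k for k in offered if k in WEAK_KEX],
        "missing_must": sorted(RFC4253_MUST - set(offered)),
    }

# Constructed samples: one peer still offering group1, one with group1 turned off.
SAMPLE_WITH_GROUP1 = make_kexinit(
    ["ecdh-sha2-nistp256", "diffie-hellman-group14-sha1", "diffie-hellman-group1-sha1"])
SAMPLE_WITHOUT_GROUP1 = make_kexinit(
    ["ecdh-sha2-nistp256", "diffie-hellman-group14-sha1"])

if __name__ == "__main__":
    for name, sample in (("with group1", SAMPLE_WITH_GROUP1),
                         ("without group1", SAMPLE_WITHOUT_GROUP1)):
        print(name, audit_kex(sample))
```

A peer with group1 disabled shows an empty "weak" list and group1 under "missing_must", which is the RFC 4253 deviation the thread refers to.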