Increase the Secure Shell Minimum Recommended Diffie-Hellman Modulus Size to 2048 Bits
RFC 8270

Revision differences

Document history

Date Rev. By Action
2018-09-24
06 (System) Received changes through RFC Editor sync (added Errata tag)
2017-12-05
06 (System)
Received changes through RFC Editor sync (created alias RFC 8270, changed title to 'Increase the Secure Shell Minimum Recommended Diffie-Hellman Modulus Size to 2048 Bits ...
2017-12-05
06 (System) RFC published
2017-12-05
06 (System) RFC Editor state changed to AUTH48-DONE from AUTH48
2017-10-31
06 (System) RFC Editor state changed to AUTH48 from RFC-EDITOR
2017-10-31
06 (System) RFC Editor state changed to RFC-EDITOR from EDIT
2017-09-25
06 (System) RFC Editor state changed to EDIT
2017-09-25
06 (System) IESG state changed to RFC Ed Queue from Approved-announcement sent
2017-09-25
06 (System) Announcement was received by RFC Editor
2017-09-25
06 (System) IANA Action state changed to No IC from In Progress
2017-09-25
06 (System) IANA Action state changed to In Progress
2017-09-25
06 Cindy Morgan IESG state changed to Approved-announcement sent from Approved-announcement to be sent
2017-09-25
06 Cindy Morgan IESG has approved the document
2017-09-25
06 Cindy Morgan Closed "Approve" ballot
2017-09-25
06 Cindy Morgan Ballot approval text was generated
2017-09-25
06 Cindy Morgan Ballot writeup was changed
2017-09-23
06 Eric Rescorla IESG state changed to Approved-announcement to be sent from Approved-announcement to be sent::Point Raised - writeup needed
2017-09-22
06 (System) IANA Review state changed to Version Changed - Review Needed from IANA OK - No Actions Needed
2017-09-22
06 Loganaden Velvindron New version available: draft-ietf-curdle-ssh-dh-group-exchange-06.txt
2017-09-22
06 (System) New version approved
2017-09-22
06 (System) Request for posting confirmation emailed to previous authors: Loganaden Velvindron <logan@hackers.mu>, Mark Baushke <mdb@juniper.net>
2017-09-22
06 Loganaden Velvindron Uploaded new revision
2017-09-20
05 Tero Kivinen Closed request for Last Call review by SECDIR with state 'No Response'
2017-09-14
05 Cindy Morgan IESG state changed to Approved-announcement to be sent::Point Raised - writeup needed from IESG Evaluation
2017-09-13
05 Terry Manderson [Ballot Position Update] New position, No Objection, has been recorded for Terry Manderson
2017-09-13
05 Suresh Krishnan
[Ballot comment]
RFC4419 specifies an example in Appendix A that uses a 1024 bit safe prime. Shouldn't this Appendix be updated by the draft ...
2017-09-13
05 Suresh Krishnan [Ballot Position Update] New position, No Objection, has been recorded for Suresh Krishnan
2017-09-13
05 Benoît Claise
[Ballot comment]
Sue, in her OPS DIR review, brought up a good point.
This document does not indicate whether it is wise for the operations ...
2017-09-13
05 Benoît Claise [Ballot Position Update] New position, No Objection, has been recorded for Benoit Claise
2017-09-13
05 Alvaro Retana [Ballot Position Update] New position, No Objection, has been recorded for Alvaro Retana
2017-09-13
05 Ben Campbell
[Ballot comment]
I share the questions about "SHOULD" vs "MUST".

- abstract: "insufficient against state-sponsored
  actors, and possibly an organization with enough computing resources"

Should ...
2017-09-13
05 Ben Campbell [Ballot Position Update] New position, Yes, has been recorded for Ben Campbell
2017-09-13
05 Kathleen Moriarty
[Ballot comment]
I do agree with Spencer, the text that is non-normative reads as if this is fully deprecating any recommendation below 2048, but then ...
2017-09-13
05 Kathleen Moriarty [Ballot Position Update] New position, Yes, has been recorded for Kathleen Moriarty
2017-09-13
05 Susan Hares Request for Last Call review by OPSDIR Completed: Has Nits. Reviewer: Susan Hares. Sent review to list.
2017-09-12
05 Deborah Brungard [Ballot Position Update] New position, No Objection, has been recorded for Deborah Brungard
2017-09-12
05 Alia Atlas [Ballot Position Update] New position, No Objection, has been recorded for Alia Atlas
2017-09-12
05 Adam Roach [Ballot Position Update] New position, Yes, has been recorded for Adam Roach
2017-09-12
05 Spencer Dawkins
[Ballot comment]
So, I see that the recommendations are mostly SHOULDs.

Is this, perhaps, for backward compatibility with SSH implementations that don't implement this ...
2017-09-12
05 Spencer Dawkins [Ballot Position Update] New position, No Objection, has been recorded for Spencer Dawkins
2017-09-11
05 Warren Kumari
[Ballot comment]
Minor nit:

Section 2.  2048 bits DH Group
"It also suggests that in all cases, the size of the group needs be ...
2017-09-11
05 Warren Kumari [Ballot Position Update] New position, Yes, has been recorded for Warren Kumari
2017-09-11
05 Alexey Melnikov [Ballot Position Update] New position, Yes, has been recorded for Alexey Melnikov
2017-09-04
05 Mirja Kühlewind [Ballot comment]
1) Can you explain why the pre-5378 boilerplate is used?

2) I guess RFC4419 should be a normative reference!
2017-09-04
05 Mirja Kühlewind Ballot comment text updated for Mirja Kühlewind
2017-09-04
05 Mirja Kühlewind [Ballot comment]
1) Can you explain why the pre-5378 boilerplate is used?

2) I guess RFC4419 should be normative reference!
2017-09-04
05 Mirja Kühlewind [Ballot Position Update] New position, Yes, has been recorded for Mirja Kühlewind
2017-08-18
05 Eric Rescorla IESG state changed to IESG Evaluation from Waiting for Writeup
2017-08-18
05 Eric Rescorla Placed on agenda for telechat - 2017-09-14
2017-08-18
05 Eric Rescorla Ballot has been issued
2017-08-18
05 Eric Rescorla [Ballot Position Update] New position, Yes, has been recorded for Eric Rescorla
2017-08-18
05 Eric Rescorla Created "Approve" ballot
2017-08-18
05 Eric Rescorla Ballot writeup was changed
2017-07-30
05 (System) IESG state changed to Waiting for Writeup from In Last Call
2017-07-26
05 (System) IANA Review state changed to IANA OK - No Actions Needed from IANA - Review Needed
2017-07-26
05 Sabrina Tanamal
(Via drafts-lastcall@iana.org): IESG/Authors/WG Chairs:

The IANA Services Operator has reviewed draft-ietf-curdle-ssh-dh-group-exchange-04, which is currently in Last Call, and has the following ...
2017-07-25
05 Pete Resnick Request for Last Call review by GENART Completed: Ready. Reviewer: Pete Resnick. Sent review to list.
2017-07-20
05 Tero Kivinen Request for Last Call review by SECDIR is assigned to Daniel Franke
2017-07-20
05 Tero Kivinen Request for Last Call review by SECDIR is assigned to Daniel Franke
2017-07-20
05 Jean Mahoney Request for Last Call review by GENART is assigned to Pete Resnick
2017-07-20
05 Jean Mahoney Request for Last Call review by GENART is assigned to Pete Resnick
2017-07-17
05 Gunter Van de Velde Request for Last Call review by OPSDIR is assigned to Susan Hares
2017-07-17
05 Gunter Van de Velde Request for Last Call review by OPSDIR is assigned to Susan Hares
2017-07-17
05 Loganaden Velvindron New version available: draft-ietf-curdle-ssh-dh-group-exchange-05.txt
2017-07-17
05 (System) New version approved
2017-07-17
05 (System) Request for posting confirmation emailed to previous authors: Loganaden Velvindron <logan@hackers.mu>, Mark Baushke <mdb@juniper.net>
2017-07-17
05 Loganaden Velvindron Uploaded new revision
2017-07-16
04 Cindy Morgan IANA Review state changed to IANA - Review Needed
2017-07-16
04 Cindy Morgan
The following Last Call announcement was sent out (ends 2017-07-30):

From: The IESG <iesg-secretary@ietf.org>
To: IETF-Announce <ietf-announce@ietf.org>
CC: ekr@rtfm.com ...
2017-07-16
04 Cindy Morgan IESG state changed to In Last Call from Last Call Requested
2017-07-16
04 Eric Rescorla Last call was requested
2017-07-16
04 Eric Rescorla Last call announcement was generated
2017-07-16
04 Eric Rescorla Ballot approval text was generated
2017-07-16
04 Eric Rescorla Ballot writeup was generated
2017-07-16
04 Eric Rescorla IESG state changed to Last Call Requested from Publication Requested
2017-07-11
04 Daniel Migault
As required by RFC 4858, this is the current template for the Document
Shepherd Write-Up.

Changes are expected over time. This version is dated 24 ...
2017-07-11
04 Daniel Migault Responsible AD changed to Eric Rescorla
2017-07-11
04 Daniel Migault IETF WG state changed to Submitted to IESG for Publication from In WG Last Call
2017-07-11
04 Daniel Migault IESG state changed to Publication Requested
2017-07-11
04 Daniel Migault IESG process started in state Publication Requested
2017-07-11
04 Daniel Migault Changed document writeup
2017-07-11
04 Daniel Migault Changed document writeup
2017-06-22
04 Loganaden Velvindron New version available: draft-ietf-curdle-ssh-dh-group-exchange-04.txt
2017-06-22
04 (System) New version approved
2017-06-22
04 (System) Request for posting confirmation emailed to previous authors: Loganaden Velvindron <logan@hackers.mu>, Mark Baushke <mdb@juniper.net>
2017-06-22
04 Loganaden Velvindron Uploaded new revision
2017-06-21
03 Loganaden Velvindron New version available: draft-ietf-curdle-ssh-dh-group-exchange-03.txt
2017-06-21
03 (System) New version approved
2017-06-21
03 (System) Request for posting confirmation emailed to previous authors: Loganaden Velvindron <logan@hackers.mu>, Mark Baushke <mdb@juniper.net>
2017-06-21
03 Loganaden Velvindron Uploaded new revision
2017-06-21
02 Daniel Migault IETF WG state changed to In WG Last Call from WG Document
2017-06-20
02 Loganaden Velvindron New version available: draft-ietf-curdle-ssh-dh-group-exchange-02.txt
2017-06-20
02 (System) New version approved
2017-06-20
02 (System) Request for posting confirmation emailed to previous authors: Loganaden Velvindron <logan@hackers.mu>, Mark Baushke <mdb@juniper.net>
2017-06-20
02 Loganaden Velvindron Uploaded new revision
2017-06-12
01 Daniel Migault Changed document writeup
2017-06-12
01 Daniel Migault Changed document writeup
2017-06-12
01 Daniel Migault Changed document writeup
2017-06-11
01 Daniel Migault Changed document writeup
2017-06-11
01 Daniel Migault Changed consensus to Yes from Unknown
2017-06-11
01 Daniel Migault Intended Status changed to Proposed Standard from None
2017-06-11
01 Daniel Migault Notification list changed to Daniel Migault <daniel.migault@ericsson.com>
2017-06-11
01 Daniel Migault Document shepherd changed to Daniel Migault
2017-05-18
01 Loganaden Velvindron New version available: draft-ietf-curdle-ssh-dh-group-exchange-01.txt
2017-05-18
01 (System) New version approved
2017-05-18
01 (System) Request for posting confirmation emailed to previous authors: Loganaden Velvindron <logan@hackers.mu>, curdle-chairs@ietf.org, Mark Baushke <mdb@juniper.net>
2017-05-18
01 Loganaden Velvindron Uploaded new revision
2017-05-16
00 Loganaden Velvindron New version available: draft-ietf-curdle-ssh-dh-group-exchange-00.txt
2017-05-16
00 (System) WG -00 approved
2017-05-12
00 Loganaden Velvindron Set submitter to "Loganaden Velvindron <logan@hackers.mu>", replaces to (none) and sent approval email to group chairs: curdle-chairs@ietf.org
2017-05-12
00 Loganaden Velvindron Uploaded new revision