draft-ietf-secsh-architecture-15.2.ps

OTP是开放电信平台的简称

5 129 M
(Ylonen & Moffat          Expires March 31, 2004                 [Page 4]) s
_R
S
PStoPSsaved restore
%%Page: (4,5) 3
userdict/PStoPSsaved save put
PStoPSmatrix setmatrix
595.000000 0.271378 translate
90 rotate
0.706651 dup scale
userdict/PStoPSmatrix matrix currentmatrix put
userdict/PStoPSclip{0 0 moveto
 595.000000 0 rlineto 0 842.000000 rlineto -595.000000 0 rlineto
 closepath}put initclip
/showpage{}def/copypage{}def/erasepage{}def
PStoPSxform concat
%%BeginPageSetup
_S
75 0 translate
/pagenum 5 def
/fname () def
/fdir () def
/ftail () def
/user_header_p false def
%%EndPageSetup
5 723 M
(Internet-Draft         SSH Protocol Architecture                Oct 2003) s
5 690 M
(   connections to that host.) s
5 668 M
(   Implementations MAY provide additional methods for verifying the) s
5 657 M
(   correctness of host keys, e.g. a hexadecimal fingerprint derived from) s
5 646 M
(   the SHA-1 hash of the public key. Such fingerprints can easily be) s
5 635 M
(   verified by using telephone or other external communication channels.) s
5 613 M
(   All implementations SHOULD provide an option to not accept host keys) s
5 602 M
(   that cannot be verified.) s
5 580 M
(   We believe that ease of use is critical to end-user acceptance of) s
5 569 M
(   security solutions, and no improvement in security is gained if the) s
5 558 M
(   new solutions are not used.  Thus, providing the option not to check) s
5 547 M
(   the server host key is believed to improve the overall security of) s
5 536 M
(   the Internet, even though it reduces the security of the protocol in) s
5 525 M
(   configurations where it is allowed.) s
5 503 M
(4.2 Extensibility) s
5 481 M
(   We believe that the protocol will evolve over time, and some) s
5 470 M
(   organizations will want to use their own encryption, authentication) s
5 459 M
(   and/or key exchange methods.  Central registration of all extensions) s
5 448 M
(   is cumbersome, especially for experimental or classified features.) s
5 437 M
(   On the other hand, having no central registration leads to conflicts) s
5 426 M
(   in method identifiers, making interoperability difficult.) s
5 404 M
(   We have chosen to identify algorithms, methods, formats, and) s
5 393 M
(   extension protocols with textual names that are of a specific format.) s
5 382 M
(   DNS names are used to create local namespaces where experimental or) s
5 371 M
(   classified extensions can be defined without fear of conflicts with) s
5 360 M
(   other implementations.) s
5 338 M
(   One design goal has been to keep the base protocol as simple as) s
5 327 M
(   possible, and to require as few algorithms as possible.  However, all) s
5 316 M
(   implementations MUST support a minimal set of algorithms to ensure) s
5 305 M
(   interoperability \(this does not imply that the local policy on all) s
5 294 M
(   hosts would necessary allow these algorithms\).  The mandatory) s
5 283 M
(   algorithms are specified in the relevant protocol documents.) s
5 261 M
(   Additional algorithms, methods, formats, and extension protocols can) s
5 250 M
(   be defined in separate drafts.  See Section Algorithm Naming \(Section) s
5 239 M
(   6\) for more information.) s
5 217 M
(4.3 Policy Issues) s
5 195 M
(   The protocol allows full negotiation of encryption, integrity, key) s
5 184 M
(   exchange, compression, and public key algorithms and formats.) s
5 173 M
(   Encryption, integrity, public key, and compression algorithms can be) s
5 129 M
(Ylonen & Moffat          Expires March 31, 2004                 [Page 5]) s
_R
S
PStoPSsaved restore
userdict/PStoPSsaved save put
PStoPSmatrix setmatrix
595.000000 421.271378 translate
90 rotate
0.706651 dup scale
userdict/PStoPSmatrix matrix currentmatrix put
userdict/PStoPSclip{0 0 moveto
 595.000000 0 rlineto 0 842.000000 rlineto -595.000000 0 rlineto
 closepath}put initclip
PStoPSxform concat
%%BeginPageSetup
_S
75 0 translate
/pagenum 6 def
/fname () def
/fdir () def
/ftail () def
/user_header_p false def
%%EndPageSetup
5 723 M
(Internet-Draft         SSH Protocol Architecture                Oct 2003) s
5 690 M
(   different for each direction.) s
5 668 M
(   The following policy issues SHOULD be addressed in the configuration) s
5 657 M
(   mechanisms of each implementation:) s
5 646 M
(   o  Encryption, integrity, and compression algorithms, separately for) s
5 635 M
(      each direction.  The policy MUST specify which is the preferred) s
5 624 M
(      algorithm \(e.g. the first algorithm listed in each category\).) s
5 613 M
(   o  Public key algorithms and key exchange method to be used for host) s
5 602 M
(      authentication.  The existence of trusted host keys for different) s
5 591 M
(      public key algorithms also affects this choice.) s
5 580 M
(   o  The authentication methods that are to be required by the server) s
5 569 M
(      for each user.  The server's policy MAY require multiple) s
5 558 M
(      authentication for some or all users.  The required algorithms MAY) s
5 547 M
(      depend on the location where the user is trying to log in from.) s
5 536 M
(   o  The operations that the user is allowed to perform using the) s
5 525 M
(      connection protocol.  Some issues are related to security; for) s
5 514 M
(      example, the policy SHOULD NOT allow the server to start sessions) s
5 503 M
(      or run commands on the client machine, and MUST NOT allow) s
5 492 M
(      connections to the authentication agent unless forwarding such) s
5 481 M
(      connections has been requested.  Other issues, such as which TCP/) s
5 470 M
(      IP ports can be forwarded and by whom, are clearly issues of local) s
5 459 M
(      policy. Many of these issues may involve traversing or bypassing) s
5 448 M
(      firewalls, and are interrelated with the local security policy.) s
5 426 M
(4.4 Security Properties) s
5 404 M
(   The primary goal of the SSH protocol is improved security on the) s
5 393 M
(   Internet.  It attempts to do this in a way that is easy to deploy,) s
5 382 M
(   even at the cost of absolute security.) s
5 371 M
(   o  All encryption, integrity, and public key algorithms used are) s
5 360 M
(      well-known, well-established algorithms.) s
5 349 M
(   o  All algorithms are used with cryptographically sound key sizes) s
5 338 M
(      that are believed to provide protection against even the strongest) s
5 327 M
(      cryptanalytic attacks for decades.) s
5 316 M
(   o  All algorithms are negotiated, and in case some algorithm is) s
5 305 M
(      broken, it is easy to switch to some other algorithm without) s
5 294 M
(      modifying the base protocol.) s
5 272 M
(   Specific concessions were made to make wide-spread fast deployment) s
5 261 M
(   easier.  The particular case where this comes up is verifying that) s
5 250 M
(   the server host key really belongs to the desired host; the protocol) s
5 239 M
(   allows the verification to be left out \(but this is NOT RECOMMENDED\).) s
5 228 M
(   This is believed to significantly improve usability in the short) s
5 217 M
(   term, until widespread Internet public key infrastructures emerge.) s
5 195 M
(4.5 Packet Size and Overhead) s
5 173 M
(   Some readers will worry about the increase in packet size due to new) s
5 129 M
(Ylonen & Moffat          Expires March 31, 2004                 [Page 6]) s
_R
S
PStoPSsaved restore
%%Page: (6,7) 4
userdict/PStoPSsaved save put
PStoPSmatrix setmatrix
595.000000 0.271378 translate
90 rotate
0.706651 dup scale
userdict/PStoPSmatrix matrix currentmatrix put
userdict/PStoPSclip{0 0 moveto
 595.000000 0 rlineto 0 842.000000 rlineto -595.000000 0 rlineto
 closepath}put initclip
/showpage{}def/copypage{}def/erasepage{}def
PStoPSxform concat
%%BeginPageSetup
_S
75 0 translate
/pagenum 7 def
/fname () def
/fdir () def
/ftail () def
/user_header_p false def
%%EndPageSetup
5 723 M
(Internet-Draft         SSH Protocol Architecture                Oct 2003) s
5 690 M
(   headers, padding, and MAC.  The minimum packet size is in the order) s
5 679 M
(   of 28 bytes \(depending on negotiated algorithms\).  The increase is) s
5 668 M
(   negligible for large packets, but very significant for one-byte) s
5 657 M
(   packets \(telnet-type sessions\).  There are, however, several factors) s
5 646 M
(   that make this a non-issue in almost all cases:) s
5 635 M
(   o  The minimum size of a TCP/IP header is 32 bytes.  Thus, the) s
5 624 M
(      increase is actually from 33 to 51 bytes \(roughly\).) s
5 613 M
(   o  The minimum size of the data field of an Ethernet packet is 46) s
5 602 M
(      bytes [RFC-894]. Thus, the increase is no more than 5 bytes. When) s
5 591 M
(      Ethernet headers are considered, the increase is less than 10) s
5 580 M
(      percent.) s
5 569 M
(   o  The total fraction of telnet-type data in the Internet is) s
5 558 M
(      negligible, even with increased packet sizes.) s
5 536 M
(   The only environment where the packet size increase is likely to have) s
5 525 M
(   a significant effect is PPP [RFC-1134] over slow modem lines \(PPP) s
5 514 M
(   compresses the TCP/IP headers, emphasizing the increase in packet) s
5 503 M
(   size\). However, with modern modems, the time needed to transfer is in) s
5 492 M
(   the order of 2 milliseconds, which is a lot faster than people can) s
5 481 M
(   type.) s
5 459 M
(   There are also issues related to the maximum packet size.  To) s
5 448 M
(   minimize delays in screen updates, one does not want excessively) s
5 437 M
(   large packets for interactive sessions.  The maximum packet size is) s
5 426 M
(   negotiated separately for each channel.) s
5 404 M
(4.6 Localization and Character Set Support) s
5 382 M
(   For the most part, the SSH protocols do not directly pass text that) s
5 371 M
(   would be displayed to the user. However, there are some places where) s
5 360 M
(   such data might be passed. When applicable, the character set for the) s
5 349 M
(   data MUST be explicitly specified. In most places, ISO 10646 with) s
5 338 M
(   UTF-8 encoding is used [RFC-2279]. When applicable, a field is also) s
5 327 M
(   provided for a language tag [RFC-3066].) s
5 305 M
(   One big issue is the character set of the interactive session.  There) s
5 294 M
(   is no clear solution, as different applications may display data in) s
5 283 M
(   different formats.  Different types of terminal emulation may also be) s
5 272 M
(   employed in the client, and the character set to be used is) s
5 261 M
(   effectively determined by the terminal emulation.  Thus, no place is) s
5 250 M
(   provided for directly specifying the character set or encoding for) s
5 239 M
(   terminal session data.  However, the terminal emulation type \(e.g.) s
5 228 M
(   "vt100"\) is transmitted to the remote site, and it implicitly) s
5 217 M
(   specifies the character set and encoding.  Applications typically use) s
5 206 M
(   the terminal type to determine what character set they use, or the) s
5 195 M
(   character set is determined using some external means.  The terminal) s
5 184 M
(   emulation may also allow configuring the default character set.  In) s
5 173 M
(   any case, the character set for the terminal session is considered) s
5 129 M
(Ylonen & Moffat          Expires March 31, 2004                 [Page 7]) s
_R
S
PStoPSsaved restore
userdict/PStoPSsaved save put
PStoPSmatrix setmatrix
595.000000 421.271378 translate
90 rotate
0.706651 dup scale
userdict/PStoPSmatrix matrix currentmatrix put
userdict/PStoPSclip{0 0 moveto
 595.000000 0 rlineto 0 842.000000 rlineto -595.000000 0 rlineto
 closepath}put initclip
PStoPSxform concat
%%BeginPageSetup
_S
75 0 translate
/pagenum 8 def
/fname () def
/fdir () def
/ftail () def
/user_header_p false def
%%EndPageSetup
5 723 M
(Internet-Draft         SSH Protocol Architecture                Oct 2003) s
5 690 M
(   primarily a client local issue.) s
5 668 M
(   Internal names used to identify algorithms or protocols are normally) s
5 657 M
(   never displayed to users, and must be in US-ASCII.) s
5 635 M
(   The client and server user names are inherently constrained by what) s
5 624 M
(   the server is prepared to accept.  They might, however, occasionally) s
5 613 M
(   be displayed in logs, reports, etc.  They MUST be encoded using ISO) s
5 602 M
(   10646 UTF-8, but other encodings may be required in some cases.  It) s
5 591 M
(   is up to the server to decide how to map user names to accepted user) s
5 580 M
(   names.  Straight bit-wise binary comparison is RECOMMENDED.) s
5 558 M
(   For localization purposes, the protocol attempts to minimize the) s
5 547 M
(   number of textual messages transmitted.  When present, such messages) s
5 536 M
(   typically relate to errors, debugging information, or some externally) s
5 525 M
(   configured data.  For data that is normally displayed, it SHOULD be) s
5 514 M
(   possible to fetch a localized message instead of the transmitted) s
5 503 M
(   message by using a numerical code. The remaining messages SHOULD be) s
5 492 M
(   configurable.) s
5 470 M
(5. Data Type Representations Used in the SSH Protocols) s
5 459 M
(   byte) s
5 437 M
(      A byte represents an arbitrary 8-bit value \(octet\) [RFC-1700].) s
5 426 M
(      Fixed length data is sometimes represented as an array of bytes,) s
5 415 M
(      written byte[n], where n is the number of bytes in the array.) s
5 393 M
(   boolean) s
5 371 M
(      A boolean value is stored as a single byte.  The value 0) s
5 360 M
(      represents FALSE, and the value 1 represents TRUE. All non-zero) s
5 349 M
(      values MUST be interpreted as TRUE; however, applications MUST NOT) s
5 338 M
(      store values other than 0 and 1.) s
5 316 M
(   uint32) s
5 294 M