New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Remove camellia* cipher suite? #278
Comments
For the record, I'd like to know this so that I can document this cipher mode on http://ssh-comparison.quendi.de/comparison.html |
See the PR #37 http://www.csg.ci.i.u-tokyo.ac.jp/old-pages/yanagisawa/Sites/text/camellia-e.html has the patches to openssh. |
Aha, that page links to https://bugzilla.mindrot.org/show_bug.cgi?id=1340 which in turn at the bottom links to http://tools.ietf.org/id/draft-kanno-secsh-camellia-01.txt and searching the IETF website finally leads to a slightly newer version of that draft: https://tools.ietf.org/html/draft-kanno-secsh-camellia-02 The newer draft has no actual content changes, and it also expired on August 1, 2011... On a technical level, this looks like somebody copy & pasted parts of the AES cipher specs, and replaced "aes" by "camellia" resp. "AES" by "CAMELLIA"... :). Not that this is necessarily a bad thing, mind you. Still, I wonder what happened... various other Camellia based RFC made it to standards track, but this one just died? Ah well |
Hi, I think it's time to drop camellia support because:
|
Net::SSH supports a set of ciphers based on the camellia cipher family. However, I have not been able to find any documentation or specification for this cipher in the context of SSH. Moreover, I have not been able to find any deployed SSH client, server or library other than Net::SSH supporting this cipher. I did find some unofficial patches for OpenSSH dating from 2007 to 2010, but that's it.
Moreover, I am somewhat worried by the use of the cipher names with an opeenssh.org suffix, e.g.
camellia128-cbc@openssh.org
-- this suggest to an outsider that this is a specification due to the OpenSSH team. However, I was not able to find reference to "camellia" in the OpenSSH code repository.Since you implemented this, I would assume you are aware of a specification?
Perhaps it is your own invention -- in that case, its name should be more like
camellia128-cbc@net-ssh.github.io
-- and of course this still leaves the question of a specification for the wire protocol :).Finally, I wonder how you test this code, as I am not aware of any SSH server supporting this suite (and would love to learn if you know of one). Or perhaps you are using those unofficial OpenSSH patches?
The text was updated successfully, but these errors were encountered: