Diffstat (limited to 'doc/rfc/rfc9519.txt')
-rw-r--r-- doc/rfc/rfc9519.txt 272
1 files changed, 272 insertions, 0 deletions
diff --git a/doc/rfc/rfc9519.txt b/doc/rfc/rfc9519.txt
new file mode 100644
index 0000000..3da643a
--- /dev/null
+++ b/doc/rfc/rfc9519.txt
@@ -0,0 +1,272 @@
+
+
+
+
+Internet Engineering Task Force (IETF) P. Yee
+Request for Comments: 9519 AKAYLA
+Updates: 4250, 4716, 4819, 8308 January 2024
+Category: Standards Track
+ISSN: 2070-1721
+
+
+ Update to the IANA SSH Protocol Parameters Registry Requirements
+
+Abstract
+
+ This specification updates the registration policies for adding new
+ entries to registries within the IANA "Secure Shell (SSH) Protocol
+ Parameters" group of registries. Previously, the registration policy
+ was generally IETF Review, as defined in RFC 8126, although a few
+ registries require Standards Action. This specification changes it
+ from IETF Review to Expert Review. This document updates RFCs 4250,
+ 4716, 4819, and 8308.
+
+Status of This Memo
+
+ This is an Internet Standards Track document.
+
+ This document is a product of the Internet Engineering Task Force
+ (IETF). It represents the consensus of the IETF community. It has
+ received public review and has been approved for publication by the
+ Internet Engineering Steering Group (IESG). Further information on
+ Internet Standards is available in Section 2 of RFC 7841.
+
+ Information about the current status of this document, any errata,
+ and how to provide feedback on it may be obtained at
+ https://www.rfc-editor.org/info/rfc9519.
+
+Copyright Notice
+
+ Copyright (c) 2024 IETF Trust and the persons identified as the
+ document authors. All rights reserved.
+
+ This document is subject to BCP 78 and the IETF Trust's Legal
+ Provisions Relating to IETF Documents
+ (https://trustee.ietf.org/license-info) in effect on the date of
+ publication of this document. Please review these documents
+ carefully, as they describe your rights and restrictions with respect
+ to this document. Code Components extracted from this document must
+ include Revised BSD License text as described in Section 4.e of the
+ Trust Legal Provisions and are provided without warranty as described
+ in the Revised BSD License.
+
+Table of Contents
+
+ 1. Introduction
+ 1.1. Requirements Language
+ 2. SSH Protocol Parameters Affected
+ 3. Designated Expert Pool
+ 4. IANA Considerations
+ 5. Security Considerations
+ 6. References
+ 6.1. Normative References
+ 6.2. Informative References
+ Acknowledgements
+ Author's Address
+
+1. Introduction
+
+ The IANA "Secure Shell (SSH) Protocol Parameters" registry was
+ populated by several RFCs including [RFC4250], [RFC4716], [RFC4819],
+ and [RFC8308]. Outside of some narrow value ranges that require
+ Standards Action in order to add new values or that are marked for
+ Private Use, the registration policy for other portions of the
+ registry was IETF Review [RFC8126]. This specification changes the
+ policy from IETF Review to Expert Review. This change is in line
+ with similar changes undertaken for certain IPsec and TLS registries.
+
+1.1. Requirements Language
+
+ The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
+ "SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED", "MAY", and
+ "OPTIONAL" in this document are to be interpreted as described in
+ BCP 14 [RFC2119] [RFC8174] when, and only when, they appear in all
+ capitals, as shown here.
+
+2. SSH Protocol Parameters Affected
+
+ The following table lists the "Secure Shell (SSH) Protocol
+ Parameters" registries whose registration policy has changed from
+ IETF Review to Expert Review. Where this change applied to a
+ specific range of values within the particular parameter, that range
+ is given in the notes column. Affected registries now list this
+ document as a reference.
+
+ +===============================+===========+=======================+
+ | Parameter Name | RFC | Notes |
+ +===============================+===========+=======================+
+ | Authentication Method | [RFC4250] | |
+ | Names | | |
+ +-------------------------------+-----------+-----------------------+
+ | Channel Connection | [RFC4250] | 0x00000001-0xFDFFFFFF |
+ | Failure Reason Codes | | (inclusive) |
+ | and Descriptions | | |
+ +-------------------------------+-----------+-----------------------+
+ | Compression Algorithm | [RFC4250] | |
+ | Names | | |
+ +-------------------------------+-----------+-----------------------+
+ | Connection Protocol | [RFC4250] | |
+ | Channel Request Names | | |
+ +-------------------------------+-----------+-----------------------+
+ | Connection Protocol | [RFC4250] | |
+ | Channel Types | | |
+ +-------------------------------+-----------+-----------------------+
+ | Connection Protocol | [RFC4250] | |
+ | Global Request Names | | |
+ +-------------------------------+-----------+-----------------------+
+ | Connection Protocol | [RFC4250] | |
+ | Subsystem Names | | |
+ +-------------------------------+-----------+-----------------------+
+ | Disconnection Messages | [RFC4250] | 0x00000001-0xFDFFFFFF |
+ | Reason Codes and | | (inclusive) |
+ | Descriptions | | |
+ +-------------------------------+-----------+-----------------------+
+ | Encryption Algorithm | [RFC4250] | |
+ | Names | | |
+ +-------------------------------+-----------+-----------------------+
+ | Extended Channel Data | [RFC4250] | 0x00000001-0xFDFFFFFF |
+ | Transfer data_type_code | | (inclusive) |
+ | and Data | | |
+ +-------------------------------+-----------+-----------------------+
+ | Extension Names | [RFC8308] | |
+ +-------------------------------+-----------+-----------------------+
+ | Key Exchange Method | [RFC4250] | |
+ | Names | | |
+ +-------------------------------+-----------+-----------------------+
+ | MAC Algorithm Names | [RFC4250] | |
+ +-------------------------------+-----------+-----------------------+
+ | Pseudo-Terminal Encoded | [RFC4250] | |
+ | Terminal Modes | | |
+ +-------------------------------+-----------+-----------------------+
+ | Public Key Algorithm | [RFC4250] | |
+ | Names | | |
+ +-------------------------------+-----------+-----------------------+
+ | Publickey Subsystem | [RFC4819] | |
+ | Attributes | | |
+ +-------------------------------+-----------+-----------------------+
+ | Publickey Subsystem | [RFC4819] | |
+ | Request Names | | |
+ +-------------------------------+-----------+-----------------------+
+ | Publickey Subsystem | [RFC4819] | |
+ | Response Names | | |
+ +-------------------------------+-----------+-----------------------+
+ | Service Names | [RFC4250] | |
+ +-------------------------------+-----------+-----------------------+
+ | Signal Names | [RFC4250] | |
+ +-------------------------------+-----------+-----------------------+
+ | SSH Public-Key File | [RFC4716] | Excluding header-tags |
+ | Header Tags | | beginning with x- |
+ +-------------------------------+-----------+-----------------------+
+
+ Table 1: Secure Shell (SSH) Protocol Parameters Affected
+
+ The only IANA SSH protocol parameter registries not affected are
+ "Message Numbers" and "Publickey Subsystem Status Codes", as these
+ remain Standards Action due to their limited resources as one-byte
+ registry values.
+
+3. Designated Expert Pool
+
+ Expert Review [RFC8126] registry requests are registered after a
+ three-week review period on the <ssh-reg-review@ietf.org> mailing
+ list, and on the advice of one or more designated experts. However,
+ to allow for the allocation of values prior to publication, the
+ designated experts may approve registration once they are satisfied
+ that such a specification will be published.
+
+ Registration requests sent to the mailing list for review SHOULD use
+ an appropriate subject (e.g., "Request to register value in SSH
+ protocol parameters <specific parameter> registry").
+
+ Within the review period, the designated experts will either approve
+ or deny the registration request, communicating this decision to the
+ review list and IANA. Denials MUST include an explanation and, if
+ applicable, suggestions as to how to make the request successful.
+ Registration requests that are undetermined for a period longer than
+ 21 days can be brought to the IESG's attention (using the
+ <iesg@ietf.org> mailing list) for resolution.
+
+ Criteria that SHOULD be applied by the designated experts includes
+ determining whether the proposed registration duplicates existing
+ functionality (which is not permitted), whether it is likely to be of
+ general applicability or useful only for a single application, and
+ whether the registration description is clear.
+
+ IANA MUST only accept registry updates from the designated experts
+ and the IESG. It SHOULD direct all requests for registration from
+ other sources to the review mailing list.
+
+ It is suggested that multiple designated experts be appointed who are
+ able to represent the perspectives of different applications using
+ this specification, in order to enable broadly informed review of
+ registration decisions. In cases where a registration decision could
+ be perceived as creating a conflict of interest for a particular
+ expert, that expert SHOULD defer to the judgment of the other
+ experts.
+
+4. IANA Considerations
+
+ This memo is entirely about updating the IANA "Secure Shell (SSH)
+ Protocol Parameters" registry.
+
+5. Security Considerations
+
+ This memo does not change the Security Considerations for any of the
+ updated RFCs.
+
+6. References
+
+6.1. Normative References
+
+ [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate
+ Requirement Levels", BCP 14, RFC 2119,
+ DOI 10.17487/RFC2119, March 1997,
+ <https://www.rfc-editor.org/info/rfc2119>.
+
+ [RFC4250] Lehtinen, S. and C. Lonvick, Ed., "The Secure Shell (SSH)
+ Protocol Assigned Numbers", RFC 4250,
+ DOI 10.17487/RFC4250, January 2006,
+ <https://www.rfc-editor.org/info/rfc4250>.
+
+ [RFC4819] Galbraith, J., Van Dyke, J., and J. Bright, "Secure Shell
+ Public Key Subsystem", RFC 4819, DOI 10.17487/RFC4819,
+ March 2007, <https://www.rfc-editor.org/info/rfc4819>.
+
+ [RFC8126] Cotton, M., Leiba, B., and T. Narten, "Guidelines for
+ Writing an IANA Considerations Section in RFCs", BCP 26,
+ RFC 8126, DOI 10.17487/RFC8126, June 2017,
+ <https://www.rfc-editor.org/info/rfc8126>.
+
+ [RFC8174] Leiba, B., "Ambiguity of Uppercase vs Lowercase in RFC
+ 2119 Key Words", BCP 14, RFC 8174, DOI 10.17487/RFC8174,
+ May 2017, <https://www.rfc-editor.org/info/rfc8174>.
+
+ [RFC8308] Bider, D., "Extension Negotiation in the Secure Shell
+ (SSH) Protocol", RFC 8308, DOI 10.17487/RFC8308, March
+ 2018, <https://www.rfc-editor.org/info/rfc8308>.
+
+6.2. Informative References
+
+ [CURDLE-MA]
+ Turner, S., "Subject: [Curdle] Time to Review IANA SSH
+ Registries Policies?", message to the Curdle mailing list,
+ February 2021,
+ <https://mailarchive.ietf.org/arch/msg/curdle/
+ gdiOlZr9bnrZv8umVyguGG3woIM/>.
+
+ [RFC4716] Galbraith, J. and R. Thayer, "The Secure Shell (SSH)
+ Public Key File Format", RFC 4716, DOI 10.17487/RFC4716,
+ November 2006, <https://www.rfc-editor.org/info/rfc4716>.
+
+Acknowledgements
+
+ The impetus for this specification was a February 2021 discussion on
+ the CURDLE mailing list [CURDLE-MA].
+
+Author's Address
+
+ Peter E. Yee
+ AKAYLA
+ Mountain View, CA 94043
+ United States of America
+ Email: peter@akayla.com
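Review bot: the diffstat shows only doc/rfc/rfc9519.txt changing, so nothing else in the tree records the "Updates: 4250, 4716, 4819, 8308" relationship stated in the header at the top of this hunk. If doc/rfc carries copies of those RFCs or an index of its contents, add the pointer to RFC 9519 there in the same commit. The page also shows no commit message; one that names the source given in the text (https://www.rfc-editor.org/info/rfc9519) would let a later reader verify the copy. Keep the file byte-identical to that source, including the four leading blank lines and the wrapped [CURDLE-MA] URL in section 6.2, so it can be compared against upstream without noise.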