Network Working Group                                          T. Ylonen
INTERNET-DRAFT                                                T. Kivinen
draft-ietf-secsh-architecture-08.txt                         M. Saarinen
Expires: 2 September, 2001                                      T. Rinne
                                                             S. Lehtinen
                                             SSH Communications Security
                                                           2 March, 2001



            Secure Shell Remote Login Protocol Architecture

Status of This Memo

This document is an Internet-Draft and is in full conformance
with all provisions of Section 10 of RFC2026.

Internet-Drafts are working documents of the Internet Engineering
Task Force (IETF), its areas, and its working groups.  Note that
other groups may also distribute working documents as
Internet-Drafts.

Internet-Drafts are draft documents valid for a maximum of six
months and may be updated, replaced, or obsoleted by other
documents at any time.  It is inappropriate to use
Internet-Drafts as reference material or to cite them other than as
"work in progress."

The list of current Internet-Drafts can be accessed at
http://www.ietf.org/ietf/1id-abstracts.txt

The list of Internet-Draft Shadow Directories can be accessed at
http://www.ietf.org/shadow.html.

Abstract

The Secure Shell Remote Login Protocol is a suite of protocols for
secure remote logins and other secure network services over an insecure
network.  This document describes the overall architecture of the Secure
Shell protocols, as well as the notation and terminology used in the
protocol documents. It also discusses the algorithm naming system that
allows local extensions.  The Secure Shell protocol consists of three
major components: The Transport Layer Protocol provides server
authentication, confidentiality, and integrity with perfect forward
secrecy. The User Authentication Protocol authenticates the client to
the server. The Connection Protocol multiplexes the encrypted tunnel
into several logical channels.  Details of these protocols are described
in separate documents.

T. Ylonen, T. Kivinen, M. Saarinen, T. Rinne and S. Lehtinen    [page 1]



Table of Contents

1.  Introduction  . . . . . . . . . . . . . . . . . . . . . . . . . .  2
2.  Specification of Requirements   . . . . . . . . . . . . . . . . .  2
3.  Architecture  . . . . . . . . . . . . . . . . . . . . . . . . . .  3
  3.1.  Host Keys   . . . . . . . . . . . . . . . . . . . . . . . . .  3
  3.2.  Extensibility   . . . . . . . . . . . . . . . . . . . . . . .  4
  3.3.  Policy Issues   . . . . . . . . . . . . . . . . . . . . . . .  4
  3.4.  Security Properties   . . . . . . . . . . . . . . . . . . . .  5
  3.5.  Packet Size and Overhead  . . . . . . . . . . . . . . . . . .  5
  3.6.  Localization and Character Set Support  . . . . . . . . . . .  6
4.  Data Type Representations Used in the Secure Shell Protocols  . .  7
5.  Algorithm Naming  . . . . . . . . . . . . . . . . . . . . . . . .  8
6.  Message Numbers   . . . . . . . . . . . . . . . . . . . . . . . .  8
7.  IANA Considerations   . . . . . . . . . . . . . . . . . . . . . .  9
8.  Security Considerations   . . . . . . . . . . . . . . . . . . . . 10
9.  Trademark Issues  . . . . . . . . . . . . . . . . . . . . . . . . 10
10.  References   . . . . . . . . . . . . . . . . . . . . . . . . . . 10
11.  Authors' Addresses   . . . . . . . . . . . . . . . . . . . . . . 11