Goldstein Lyor created SSHD-898:
-----------------------------------

             Summary: Allow client session to delay sending KEX_INIT until server KEX_INIT received
                 Key: SSHD-898
                 URL: https://issues.apache.org/jira/browse/SSHD-898
             Project: MINA SSHD
          Issue Type: Improvement
    Affects Versions: 2.2.0
            Reporter: Goldstein Lyor
            Assignee: Goldstein Lyor


In order to support [RFC 8308 - KEX extension 
negotiation|https://tools.ietf.org/html/rfc8308] we need the client to hold 
back sending the KEX_INIT message until the server-side one has been received, 
in order to examine the server's proposal and see if it supports this 
extension. This is required because the client cannot safely declare that it 
supports it, since:
{quote}
If a server does not send this extension, a client MUST NOT make any
assumptions about the server's public key algorithm support, and MAY
proceed with authentication requests using trial and error.  Note
that implementations are known to exist that apply authentication
penalties if the client attempts to use an unexpected public key
algorithm.
{quote}



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
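
The check the issue describes, as an added stand-alone example (not code from MINA SSHD or from the reporter): the client reads kex_algorithms from the server's KEXINIT first and adds its own RFC 8308 indicator "ext-info-c" only if the server listed "ext-info-s". The class and method names are hypothetical, and the sample payloads are constructed and carry only the first name-list.

```java
import java.nio.ByteBuffer;
import java.nio.charset.StandardCharsets;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.List;

public class DelayedKexInit {                        // hypothetical name, not a MINA SSHD class
    static final int SSH_MSG_KEXINIT = 20;           // RFC 4253, section 12
    static final String EXT_INFO_S = "ext-info-s";   // RFC 8308, section 2.1: server indicator
    static final String EXT_INFO_C = "ext-info-c";   // RFC 8308, section 2.1: client indicator

    /** Returns kex_algorithms, the first name-list of a KEXINIT payload (RFC 4253, section 7.1). */
    static List<String> kexAlgorithms(byte[] payload) {
        ByteBuffer buf = ByteBuffer.wrap(payload);   // big-endian by default, as SSH requires
        if (buf.remaining() < 1 + 16 + 4 || (buf.get() & 0xFF) != SSH_MSG_KEXINIT) {
            throw new IllegalArgumentException("not a KEXINIT payload");
        }
        buf.position(buf.position() + 16);           // skip the 16-byte random cookie
        int len = buf.getInt();
        if (len < 0 || len > buf.remaining()) {      // never trust a peer-supplied length
            throw new IllegalArgumentException("bad name-list length");
        }
        byte[] names = new byte[len];
        buf.get(names);
        String list = new String(names, StandardCharsets.US_ASCII);
        return list.isEmpty() ? List.of() : Arrays.asList(list.split(","));
    }

    /** Builds the client's kex_algorithms only after the server's KEXINIT has been inspected. */
    static List<String> clientProposal(List<String> base, byte[] serverKexInit) {
        List<String> proposal = new ArrayList<>(base);
        if (kexAlgorithms(serverKexInit).contains(EXT_INFO_S)) {
            proposal.add(EXT_INFO_C);                // indicator may sit at any position in the list
        }
        return proposal;
    }

    /** Constructed sample payload: message type, zero cookie and the kex_algorithms list only. */
    static byte[] sampleKexInit(String kexList) {
        byte[] names = kexList.getBytes(StandardCharsets.US_ASCII);
        return ByteBuffer.allocate(1 + 16 + 4 + names.length)
                .put((byte) SSH_MSG_KEXINIT).put(new byte[16]).putInt(names.length).put(names).array();
    }

    public static void main(String[] args) {
        List<String> base = List.of("curve25519-sha256", "diffie-hellman-group14-sha256");
        System.out.println(clientProposal(base, sampleKexInit("curve25519-sha256,ext-info-s")));
        System.out.println(clientProposal(base, sampleKexInit("diffie-hellman-group14-sha256")));
    }
}
```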