aboutsummaryrefslogtreecommitdiff
path: root/doc/draft-ietf-secsh-fingerprint-01.txt
diff options
context:
space:
mode:
Diffstat (limited to 'doc/draft-ietf-secsh-fingerprint-01.txt')
-rw-r--r--doc/draft-ietf-secsh-fingerprint-01.txt120
1 files changed, 120 insertions, 0 deletions
diff --git a/doc/draft-ietf-secsh-fingerprint-01.txt b/doc/draft-ietf-secsh-fingerprint-01.txt
new file mode 100644
index 0000000..5edea39
--- /dev/null
+++ b/doc/draft-ietf-secsh-fingerprint-01.txt
@@ -0,0 +1,120 @@
+
+
+
+
+
+
+INTERNET-DRAFT Markus Friedl
+draft-ietf-secsh-fingerprint-01.txt The OpenBSD Project
+Expires in six months September 2003
+
+
+ SSH Fingerprint Format
+
+
+Status of this Memo
+
+ This document is an Internet-Draft and is in full conformance with
+ all provisions of Section 10 of RFC2026.
+
+ Internet-Drafts are working documents of the Internet Engineering
+ Task Force (IETF), its areas, and its working groups. Note that
+ other groups may also distribute working documents as Internet-
+ Drafts.
+
+ Internet-Drafts are draft documents valid for a maximum of six months
+ and may be updated, replaced, or obsoleted by other docu- ments at
+ any time. It is inappropriate to use Internet- Drafts as reference
+ material or to cite them other than as "work in progress."
+
+ The list of current Internet-Drafts can be accessed at
+ http://www.ietf.org/ietf/1id-abstracts.txt
+
+ The list of Internet-Draft Shadow Directories can be accessed at
+ http://www.ietf.org/shadow.html.
+
+ Distribution of this memo is unlimited.
+
+Abstract
+
+ This document formally documents the fingerprint format in use for
+ verifying public keys from SSH clients and servers.
+
+Introduction
+
+ The security of the SSH protocols relies on the verification of
+ public host keys. Since public keys tend to be very large, it is
+ difficult for a human to verify an entire host key. Even with a PKI
+ in place, it is useful to have a standard for exchanging short
+ fingerprints of public keys.
+
+ This document formally describes the simple key fingerprint format.
+
+
+
+
+
+
+Friedl [Page 1]
+
+
+
+
+
+INTERNET-DRAFT March 2003
+
+
+Fingerprint Format
+
+ The fingerprint of a public key consists of the output of the MD5
+ message-digest algorithm [RFC-1321]. The input to the algorithm is
+ the public key blob as described in [SSH-TRANS]. The output of the
+ algorithm is presented to the user as a sequence of 16 octets printed
+ as hexadecimal with lowercase letters and separated by colons.
+
+ For example: "c1:b1:30:29:d7:b8:de:6c:97:77:10:d7:46:41:63:87"
+
+References
+
+ [SSH-TRANS] Ylonen, T., et al: "SSH Transport Layer Protocol",
+ Internet Draft, draft-secsh-transport-15.txt
+
+ [RFC-1321] R. Rivest: "The MD5 Message-Digest Algorithm", April 1992.
+
+ [RFC-2026] S. Bradner: "The Internet Standards Process -- Revision
+ 3", October 1996.
+
+Author's Address:
+
+ Markus Friedl
+ markus@openbsd.org
+ Munich, Germany
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+Friedl [Page 2]
+
+